diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2019-04-16 22:00:37 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2019-04-16 22:00:37 +0200 |
commit | 21d9162dd33c918629dd3d402942607101fbf7fb (patch) | |
tree | c83926d4bb2965942ac87c673b86d69cd62d7e82 | |
parent | b1fd00b5e385025b6e31b17f23cbf04153b6f751 (diff) |
[DSA 4432-1] ghostscript security update
-rw-r--r-- | english/security/2019/dsa-4432.data | 13 | ||||
-rw-r--r-- | english/security/2019/dsa-4432.wml | 19 |
2 files changed, 32 insertions, 0 deletions
diff --git a/english/security/2019/dsa-4432.data b/english/security/2019/dsa-4432.data new file mode 100644 index 00000000000..6db132fd9e0 --- /dev/null +++ b/english/security/2019/dsa-4432.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-4432-1 ghostscript</define-tag> +<define-tag report_date>2019-4-16</define-tag> +<define-tag secrefs>CVE-2019-3835 CVE-2019-3838 Bug#925256 Bug#925257</define-tag> +<define-tag packages>ghostscript</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2019/dsa-4432.wml b/english/security/2019/dsa-4432.wml new file mode 100644 index 00000000000..64950b4d052 --- /dev/null +++ b/english/security/2019/dsa-4432.wml @@ -0,0 +1,19 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Cedric Buissart discovered two vulnerabilities in Ghostscript, the GPL +PostScript/PDF interpreter, which could result in bypass of file system +restrictions of the dSAFER sandbox.</p> + +<p>For the stable distribution (stretch), these problems have been fixed in +version 9.26a~dfsg-0+deb9u2.</p> + +<p>We recommend that you upgrade your ghostscript packages.</p> + +<p>For the detailed security status of ghostscript please refer to its +security tracker page at: +<a href="https://security-tracker.debian.org/tracker/ghostscript">https://security-tracker.debian.org/tracker/ghostscript</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2019/dsa-4432.data" +# $Id: $ |