SUSE-SU-2018:1140-1 -- SLES ghostscript, libgimpprintID: oval:org.secpod.oval:def:89043788 | Date: (C)2021-03-05 (M)2022-08-31 |
Class: PATCH | Family: unix |
This update for ghostscript-library fixes several issues. These security issues were fixed: - CVE-2017-7207: The mem_get_bits_rectangle function allowed remote attackers to cause a denial of service via a crafted PostScript document . - CVE-2016-9601: Prevent heap-buffer overflow by checking for an integer overflow in jbig2_image_new function . - CVE-2017-9612: The Ins_IP function in base/ttinterp.c allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document - CVE-2017-9726: The Ins_MDRP function in base/ttinterp.c allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document - CVE-2017-9727: The gx_ttfReader__Read function in base/gxttfb.c allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document - CVE-2017-9739: The Ins_JMPR function in base/ttinterp.c allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document - CVE-2017-11714: psi/ztoken.c mishandled references to the scanner state structure, which allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_reloc_struct_ptr function in psi/igc.c - CVE-2017-9835: The gs_alloc_ref_array function allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PostScript document - CVE-2016-10219: The intersect function in base/gxfill.c allowed remote attackers to cause a denial of service via a crafted file - CVE-2017-9216: Prevent NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c which allowed for DoS
Platform: |
SUSE Linux Enterprise Server 11 SP4 |
Product: |
ghostscript |
libgimpprint |