Ubuntu 757-1: Ghostscript vulnerabilities
==========================================================
Ubuntu Security Notice USN-757-1
April 15, 2009
ghostscript, gs-esp, gs-gpl vulnerabilities
CVE-2007-6725, CVE-2008-6679, CVE-2009-0196, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792
==========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:
  gs-esp 8.15.2.dfsg.0ubuntu1-0ubuntu1.2
  gs-gpl 8.15-4ubuntu3.3

Ubuntu 8.04 LTS:
  libgs8 8.61.dfsg.1-1ubuntu3.2

Ubuntu 8.10:
  libgs8 8.63.dfsg.1-0ubuntu6.4

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

It was discovered that Ghostscript contained a buffer underflow in its CCITTFax decoding filter. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2007-6725)

It was discovered that Ghostscript contained a buffer overflow in the BaseFont writer module. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2008-6679)

It was discovered that Ghostscript contained additional integer overflows in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript or PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-0792)

Alin Rad Pop discovered that Ghostscript contained a buffer overflow in the jbig2dec library. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-0196)

USN-743-1 provided updated ghostscript and gs-gpl packages to fix two security vulnerabilities. This update corrects the same vulnerabilities in the gs-esp package.

Original advisory details:

It was discovered that Ghostscript contained multiple integer overflows in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-0583)

It was discovered that Ghostscript did not properly perform bounds checking in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-0584)

Updated packages for Ubuntu 6.06 LTS:

Updated packages for Ubuntu 8.04 LTS:
Updated packages for Ubuntu 8.10: