USN-3148-1: Ghostscript vulnerabilities<\/p>\n
1st December, 2016<\/em><\/p>\n A security issue affects these releases of Ubuntu and its Ghostscript could be made to crash, run programs, or disclose sensitive Tavis Ormandy discovered multiple vulnerabilities in the way that Ghostscript Multiple vulnerabilities were discovered in Ghostscript related to information The problem can be corrected by updating your system to the following To update your system, please follow these instructions: In general, a standard system update will make all the necessary changes.<\/p>\n CVE-2013-5653<\/a>, <\/p>\n CVE-2016-7976<\/a>, <\/p>\n CVE-2016-7977<\/a>, <\/p>\n CVE-2016-7978<\/a>, <\/p>\n CVE-2016-7979<\/a>, <\/p>\n CVE-2016-8602<\/a><\/p>\n Source: USN-3148-1: Ghostscript vulnerabilities<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" USN-3148-1: Ghostscript vulnerabilities Ubuntu Security Notice USN-3148-1 1st December, 2016 ghostscript vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Ghostscript could be made to crash, run programs, or disclose sensitive information if it processed a specially crafted file. Software description ghostscript – PostScript and PDF interpreter Details Tavis Ormandy discovered multiple vulnerabilities in the way that Ghostscriptprocesses certain Postscript files. If a user or automated system were trickedinto opening a specially crafted file, an attacker could cause a denial ofservice or possibly execute arbitrary code. (CVE-2016-7976, CVE-2016-7978,CVE-2016-7979, CVE-2016-8602) Multiple vulnerabilities were discovered in Ghostscript related to informationdisclosure. If a user or automated system were tricked into opening a speciallycrafted file, an attacker could expose sensitive data. (CVE-2013-5653,CVE-2016-7977) Update instructions The problem can be corrected [ more… ]<\/a><\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[586],"tags":[587],"class_list":["post-12390","post","type-post","status-publish","format-standard","hentry","category-ubuntu-usn","tag-ubuntu-usn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/12390","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=12390"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/12390\/revisions"}],"predecessor-version":[{"id":12391,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/12390\/revisions\/12391"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=12390"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=12390"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=12390"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}ghostscript vulnerabilities<\/h3>\n
\n derivatives:<\/p>\n\n
Summary<\/h3>\n
\ninformation if it processed a specially crafted file.\n<\/p>\nSoftware description<\/h3>\n
\n
\n – PostScript and PDF interpreter<\/p>\n<\/li>\n<\/ul>\nDetails<\/h3>\n
processes certain Postscript files. If a user or automated system were tricked
into opening a specially crafted file, an attacker could cause a denial of
service or possibly execute arbitrary code. (CVE-2016-7976<\/a>, CVE-2016-7978<\/a>,
CVE-2016-7979<\/a>, CVE-2016-8602<\/a>)<\/p>\n
disclosure. If a user or automated system were tricked into opening a specially
crafted file, an attacker could expose sensitive data. (CVE-2013-5653<\/a>,
CVE-2016-7977<\/a>)<\/p>\nUpdate instructions<\/h3>\n
\npackage version:<\/p>\n\n
\n
\n 9.19~dfsg+1-0ubuntu6.2<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 9.19~dfsg+1-0ubuntu6.2<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 9.19~dfsg+1-0ubuntu6.2<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 9.19~dfsg+1-0ubuntu6.2<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 9.18~dfsg~0-0ubuntu2.2<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 9.18~dfsg~0-0ubuntu2.2<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 9.18~dfsg~0-0ubuntu2.2<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 9.18~dfsg~0-0ubuntu2.2<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 9.10~dfsg-0ubuntu10.5<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 9.10~dfsg-0ubuntu10.5<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 9.10~dfsg-0ubuntu10.5<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 9.10~dfsg-0ubuntu10.5<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 9.05~dfsg-0ubuntu4.4<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 9.05~dfsg-0ubuntu4.4<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 9.05~dfsg-0ubuntu4.4<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 9.05~dfsg-0ubuntu4.4<\/a>
\n <\/span>\n <\/dd>\n<\/dl>\n
\nhttps:\/\/wiki.ubuntu.com\/Security\/Upgrades<\/a>.\n<\/p>\nReferences<\/h3>\n