Errata ID | 232 |
---|---|
Date | 2018-09-12 |
Source package | ghostscript |
Fixed in version | 9.20~dfsg-3.2+deb9u4 |
Description | This update addresses the following issues: * .tempfile file permission issues (CVE-2018-15908) * LockDistillerParams type confusion (CVE-2018-15910) * uninitialized memory access in the aesdecode operator (CVE-2018-15911) * a type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact (CVE-2018-16511) * setcolor missing type check (CVE-2018-16513) * incorrect access checking in temp file handling to disclose contents of files (CVE-2018-16539) * use-after-free in copydevice handling (CVE-2018-16540) * incorrect free logic in pagedevice replacement (CVE-2018-16541) * .definemodifiedfont memory corruption if /typecheck is handled (CVE-2018-16542) * gssetresolution and gsgetresolution memory corruption (CVE-2018-16543) * .setdistillerkeys PostScript command is accepted even though it is not intended for use (CVE-2018-16585) |
Additional notes | |
CVE ID | CVE-2018-15908 CVE-2018-15910 CVE-2018-15911 CVE-2018-16511 CVE-2018-16513 CVE-2018-16539 CVE-2018-16540 CVE-2018-16541 CVE-2018-16542 CVE-2018-16543 CVE-2018-16585 |
UCS Bug number | #47774 |