DSA-1746-1

Name	DSA-1746-1
Source	Debian
Description	ghostscript gs-gpl - arbitrary code execution
References	CVE-2009-0583, CVE-2009-0584
Debian/oldstable	not vulnerable
Debian/stable	not vulnerable
Debian/testing	not known to be vulnerable
Debian/unstable	not known to be vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
ghostscript (PTS)	lenny, lenny (security)	8.62.dfsg.1-3.2lenny1	fixed
gs-gpl (PTS)	etch, etch (security)	8.54.dfsg.1-5etch2	fixed

The next table lists affected binary packages.

Binary Package	Release	Version	Status	Architecures
ghostscript, ghostscript-x, libgs-dev, libgs8	lenny, lenny (security)	8.62.dfsg.1-3.2lenny1	fixed	alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
ghostscript-doc, gs, gs-aladdin, gs-common, gs-esp, gs-gpl	lenny, lenny (security)	8.62.dfsg.1-3.2lenny1	fixed	all
gs	etch, etch (security)	8.54.dfsg.1-5etch2	fixed	all
gs-gpl	etch, etch (security)	8.54.dfsg.1-5etch2	fixed	alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc

The information above is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
ghostscript	source	lenny	8.62.dfsg.1-3.2lenny1	unknown
gs-gpl	source	etch	8.54.dfsg.1-5etch2	unknown

Home - Testing Security Team - Debian Security - Imprint