CVE-2018-16539

NameCVE-2018-16539
DescriptionIn Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1504-1, DSA-4288-1
NVD severitymedium
Debian Bugs907332

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ghostscript (PTS)stretch9.26a~dfsg-0+deb9u6fixed
stretch (security)9.26a~dfsg-0+deb9u7fixed
buster9.27~dfsg-2+deb10u3fixed
buster (security)9.27~dfsg-2+deb10u4fixed
bullseye9.52.1~dfsg-1fixed
sid9.53.1~dfsg-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
ghostscriptsourcejessie9.06~dfsg-2+deb8u8DLA-1504-1
ghostscriptsourcestretch9.20~dfsg-3.2+deb9u4DSA-4288-1
ghostscriptsource(unstable)9.22~dfsg-3907332

Notes

https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=a054156d425b4dbdaaa9fda4b5f1182b27598c2b
https://bugs.ghostscript.com/show_bug.cgi?id=699658
To not break cups with https://github.com/apple/cups/issues/5392
an additional (no-security) followup fix is needed as:
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=150c8f69646b854a99f35f27edaae012eb2e900f
Cf. https://bugs.debian.org/908300

Search for package or bug name: Reporting problems