Information on source package ghostscript

Available versions

ReleaseVersion
wheezy9.05~dfsg-6.3+deb7u2
wheezy (security)9.05~dfsg-6.3+deb7u7
jessie9.06~dfsg-2+deb8u5
jessie (security)9.06~dfsg-2+deb8u6
stretch (security)9.20~dfsg-3.2+deb9u1
buster9.22~dfsg-1
sid9.22~dfsg-1

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2016-10317vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableThe fill_threshhold_buffer function in base/gxht_thresh.c in Artifex ...

Open unimportant issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-9740fixedfixedvulnerablevulnerablevulnerableThe xps_decode_font_char_imp function in xps/xpsfont.c in Artifex ...
CVE-2017-9620fixedfixedvulnerablevulnerablevulnerableThe xps_select_font_encoding function in xps/xpsfont.c in Artifex ...
CVE-2017-9619fixedfixedvulnerablevulnerablevulnerableThe xps_true_callback_glyph_name function in xps/xpsttf.c in Artifex ...
CVE-2017-9618fixedfixedvulnerablevulnerablevulnerableThe xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript ...
CVE-2017-9610fixedfixedvulnerablevulnerablevulnerableThe xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript ...
CVE-2017-8908fixedfixedvulnerablevulnerablevulnerableThe mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 ...
CVE-2017-7948fixedfixedvulnerablevulnerablevulnerableInteger overflow in the mark_curve function in Artifex Ghostscript 9.21 ...

Resolved issues

BugDescription
TEMP-0291452-29156Bgs-esp: Insecure usage of /tmp in source code
CVE-2017-9835The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript ...
CVE-2017-9739The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript ...
CVE-2017-9727The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript ...
CVE-2017-9726The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript ...
CVE-2017-9612The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS ...
CVE-2017-9611The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript ...
CVE-2017-8291Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and ...
CVE-2017-7207The mem_get_bits_rectangle function in Artifex Software, Inc. ...
CVE-2017-6196Multiple use-after-free vulnerabilities in the gx_image_enum_begin ...
CVE-2017-5951The mem_get_bits_rectangle function in base/gdevmem.c in Artifex ...
CVE-2017-11714psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the ...
CVE-2016-8602The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 ...
CVE-2016-7979Ghostscript before 9.21 might allow remote attackers to bypass the ...
CVE-2016-7978Use-after-free vulnerability in Ghostscript 9.20 might allow remote ...
CVE-2016-7977Ghostscript before 9.21 might allow remote attackers to bypass the ...
CVE-2016-7976The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote ...
CVE-2016-10220The gs_makewordimagedevice function in base/gsdevmem.c in Artifex ...
CVE-2016-10219The intersect function in base/gxfill.c in Artifex Software, Inc. ...
CVE-2016-10218The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF ...
CVE-2016-10217The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. ...
CVE-2015-3228Integer overflow in the gs_heap_alloc_bytes function in ...
CVE-2013-5653The getenv and filenameforall functions in Ghostscript 9.10 ignore the ...
CVE-2012-4875** DISPUTED ** ...
CVE-2012-4405Multiple integer underflows in the icmLut_allocate function in ...
CVE-2011-4517The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer ...
CVE-2011-4516Heap-based buffer overflow in the jpc_cox_getcompparms function in ...
CVE-2010-4820Untrusted search path vulnerability in Ghostscript 8.62 allows local ...
CVE-2010-4054The gs_type2_interpret function in Ghostscript allows remote attackers ...
CVE-2010-2055Ghostscript 8.71 and earlier reads initialization files from the ...
CVE-2010-1869Stack-based buffer overflow in the parser function in GhostScript 8.70 ...
CVE-2010-1628Ghostscript 8.64, 8.70, and possibly other versions allows ...
CVE-2009-4897Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier ...
CVE-2009-4270Stack-based buffer overflow in the errprintf function in base/gsmisc.c ...
CVE-2009-3743Off-by-one error in the Ins_MINDEX function in the TrueType bytecode ...
CVE-2009-3720The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ...
CVE-2009-3560The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, ...
CVE-2009-0792Multiple integer overflows in icc.c in the International Color ...
CVE-2009-0584icc.c in the International Color Consortium (ICC) Format library (aka ...
CVE-2009-0583Multiple integer overflows in icc.c in the International Color ...
CVE-2009-0196Heap-based buffer overflow in the big2_decode_symbol_dict function ...
CVE-2008-6679Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and ...
CVE-2008-3522Buffer overflow in the jas_stream_printf function in ...
CVE-2008-3520Multiple integer overflows in JasPer 1.900.1 might allow ...
CVE-2008-0411Stack-based buffer overflow in the zseticcspace function in zicc.c in ...
CVE-2007-6725The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly ...
CVE-2007-2721The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer ...

Security announcements

DSA / DLADescription
DSA-3986-1ghostscript - security update
DSA-3986-1ghostscript - security update
DLA-1048-1ghostscript - security update
DLA-932-1ghostscript - security update
DSA-3838-1ghostscript - security update
DLA-905-1ghostscript - security update
DSA-3691-2ghostscript - regression update
DLA-674-2ghostscript - regression update
DLA-674-1ghostscript - security update
DSA-3691-1ghostscript - security update
DSA-3326-1ghostscript - security update
DSA-3326-1ghostscript - security update
DLA-280-1ghostscript - security update
DSA-2595-1ghostscript - buffer overflow
DSA-2093-1ghostscript - several vulnerabilities
DSA-2080-1ghostscript - several vulnerabilities
DSA-1746-1ghostscript gs-gpl - arbitrary code execution

Search for package or bug name: Reporting problems