Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Ubuntu: Ghostscript vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu Chris Evans discovered that Ghostscript contained a buffer overflow in its color space handling code. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2008-0411)
Ubuntu Security Notice USN-599-1             April 09, 2008
ghostscript, gs-esp, gs-gpl vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  gs-esp                          8.15.2.dfsg.0ubuntu1-0ubuntu1.1
  gs-gpl                          8.15-4ubuntu3.1

Ubuntu 6.10:
  gs-esp                          8.15.2.dfsg.0ubuntu1-0ubuntu4.1
  gs-gpl                          8.50-1.1ubuntu1.2

Ubuntu 7.04:
  gs-esp                          8.15.4.dfsg.1-0ubuntu1.1
  gs-gpl                          8.54.dfsg.1-5ubuntu0.2

Ubuntu 7.10:
  libgs8                          8.61.dfsg.1~svn8187-0ubuntu3.4

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Chris Evans discovered that Ghostscript contained a buffer overflow in
its color space handling code. If a user or automated system were
tricked into opening a crafted Postscript file, an attacker could cause
a denial of service or execute arbitrary code with privileges of the
user invoking the program. (CVE-2008-0411)

Updated packages for Ubuntu 6.06 LTS:

  Source archives:
      Size/MD5:    79843 865a0b3043e061ecd7071f9766490973
      Size/MD5:      896 84f13a9c3635c660804cd39bcbc224de
      Size/MD5:  7318074 cf386d9cdbf447f292128aa3bf17a94c
      Size/MD5:    36237 ffdce031378fd7b328f946b38f7ca328
      Size/MD5:      856 cf3d7b8e9393c45b64963f8a0c70ba33
      Size/MD5:  6382514 f2e0e6355d4b64e6f636b62a2220ad47

  Architecture independent packages:
      Size/MD5:    14544 711883238e32ca7572f937f454a7bd3d

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:  3085366 751de3a3727f01df02d463853715b3e2
      Size/MD5:  2766394 f6f49490831db02a986f7f8fba19b45a

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:  2878320 47323a1a3d5046cc10d050d0498a5e11
      Size/MD5:  2588858 0963d203c2d2d55a94a4f19df95a11f5

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:  3067016 802948ca7f74b14d5799e1262de2c70b
      Size/MD5:  2750074 7de53749613c27e93bf5751c9df1c107

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:  2911182 764a15be08c81097029162984047227b
      Size/MD5:  2615068 9c2978d37832b90fadc8d7cdcac44234

Updated packages for Ubuntu 6.10:

  Source archives:
      Size/MD5:   120549 7921d9f5186228f1c59d35d7807695c8
      Size/MD5:      939 7ade88211c09eca58d27ef3aa4263d7a
      Size/MD5:  7318074 cf386d9cdbf447f292128aa3bf17a94c
      Size/MD5:    68470 232a2bef1e87f2f9f7a25c12adc60b9a
      Size/MD5:      807 42229ffa15ca9ec83eece7b6622dc7aa
      Size/MD5:  9981486 661cacc387fb908f434bfbf5eef5c0ce

  Architecture independent packages:
      Size/MD5:    15172 300751ade83b5e52dd301ea86d39c16a

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:  3092186 df72c4215172f68851421c54c29158c3
      Size/MD5:    11180 380d5fa470227d9d1f31e165968ae03e
      Size/MD5:  1673826 03d9bc3d55d1f45752d333dc95defa94
      Size/MD5:  3060146 ade53e7cb47f6a17ba43641e2f6b4c30

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:  2966640 6f9d4e871764160e65a311328ea608f8
      Size/MD5:    11176 962a9588546ec13d9fac79890c665fad
      Size/MD5:  1585016 efdf8619b97ccf6e3a04df5b201ecdf4
      Size/MD5:  2939858 f44d6da9e55f43a823b81ee4cf03f881

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:  3090262 056aa63ff0fc49dca7795a118cc00b8b
      Size/MD5:    11182 0d6822fe54a847514fca54f51e2c13cc
      Size/MD5:  1675878 f5e5a4e40ba6bbe371a0877a3fcf52c2
      Size/MD5:  3055306 e2f66bb9c7633ef31801534500b7c95f

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:  2929858 1a5d2c9f74cf4993fdea8dabad0eec74
      Size/MD5:    11176 31a9fa5a13e337c242629dff4c8efa98
      Size/MD5:  1562248 572b7083a8637c62718f04f1bf7e9525
      Size/MD5:  2892838 59548f52b070553dc877fa855ef745f9

Updated packages for Ubuntu 7.04:

  Source archives:
      Size/MD5:    66002 5d0ed09d3a92eaff291f4df2edf21bdc
      Size/MD5:      981 1c40a21396f29b03d5fa5441e407bd1e
      Size/MD5:  7384605 145e32d41945b07ea96fd5135bd71cb1
      Size/MD5:   216697 706e89c521c54e243134d8e5845f8817
      Size/MD5:      921 6fe85647fe9e0a2025a4e42c7fa83eae
      Size/MD5: 11695732 05938e26bfa8769e28cf2bb38efd9673

  Architecture independent packages:
      Size/MD5:    14584 f81ea53ca0f46f9a3f363febaf3c8182

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:    49226 dfeed98ec8c6f298a03bad8fa7c652bc
      Size/MD5:  1542634 474ad7cfb910df4173560d80ac955cc9
      Size/MD5:    14934 375e6340506047210042e7c1bbe687e7
      Size/MD5:  1700230 59798284f2517d8f3ced90214317a7ae
      Size/MD5:  5596708 1f1be812fcc213cb71516f7413da10fb

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:    47646 72a5107cf5e72d37cd520b5f5b36c020
      Size/MD5:  1542408 7b42cb4beb8bade7863ee760dd18f47f
      Size/MD5:    14934 ce4e02e7fa41709214b4490b64c75461
      Size/MD5:  1610518 a1f05c44128233fa567f613bfa62a102
      Size/MD5:  5475440 8e6306dcac18bc22570e224155de6ca8

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:    52478 4395eb4fef816fcddc3f636084d7e37b
      Size/MD5:  1545342 9844111ff58056ec1670eda7e78678f5
      Size/MD5:    14944 9d8bf99e52379ca572b4fce53c1ecffb
      Size/MD5:  1764230 d230f7c64b2cd61be04fe5ece4603c75
      Size/MD5:  5598734 b1ff41f6b412581adbe7d9779d9bc698

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:    46550 4bd26e4ea58eba4cbeeb15dd810270c5
      Size/MD5:  1542638 90244cd2803d5724ecab00c63abbd28e
      Size/MD5:    14942 17c3949dbc8581bebd911026bae4f727
      Size/MD5:  1590804 1aa2e0104eca01137464f006bd01e244
      Size/MD5:  5435620 2da8df3542261d315cb192616cad93b3

Updated packages for Ubuntu 7.10:

  Source archives:
      Size/MD5:    42793 0ec5871fbd2ccc38fdcc7b847fc81cf8
      Size/MD5:     1223 8d0545371592a2e555a577b402ed84f4
      Size/MD5: 11689594 7eadf4f53880e96a3846bd318a19d4c6

  Architecture independent packages:
      Size/MD5:  2642218 45d02573c18c96b2dbfa8e9f2d970167
      Size/MD5:    18230 9260d1a36ca8abac74df6be8647ba077
      Size/MD5:    18228 52877ee0d89a27db1efed5dc3dbcd9fc
      Size/MD5:    18222 78f3d8aee1b77d1705a61c10037472b4
      Size/MD5:    18240 da16487b10d483d9aaa8c90d92b559fd
      Size/MD5:    18240 043a307ac47681803835c687aa7d9686
      Size/MD5:    18238 6302baee678cd1e78b3ab40b45dd0958
      Size/MD5:    18226 5647948bdd7f8a61579bab851b2965c7

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:    52888 1a16e17bb658ae3ac7f11239a840e69f
      Size/MD5:   744398 af32e2ca1493cc598deca544659b1367
      Size/MD5:    26386 1a067670e51ebaf967143aba4671b9d3
      Size/MD5:  2274818 84ad774407a03d1950d1d4f1f18ea91d

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:    51214 4096ffd8c5eeff3ffffc9d2ee22132c4
      Size/MD5:   744384 1caac2a5d165464f37d8887422aa2ab5
      Size/MD5:    26384 cdea7d1520254feaff11660a6cbe5798
      Size/MD5:  2204688 b0fe4bf2c6abd9a7212e52f9b0fa09cf

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:    56170 4405cc2bedd45a07a7c5e17c7e1922f3
      Size/MD5:   746742 3b62d2eb5e47ba23723b775c74d401ec
      Size/MD5:    26396 11a29b3923305326da861e96f38b2e56
      Size/MD5:  2386210 1bd8615459fb7fa9d6cf10c3db16a233

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:    50220 7d754b13e9ecc94f87fc0365a5536085
      Size/MD5:   744398 7090d539031521cdafffa0b08a936e22
      Size/MD5:    26394 3411d0228e61fad4989961a54271631c
      Size/MD5:  2186138 3f91b6af46be0a0c4296eeb6dd840fdf

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.