]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9348ab3) | patch
ghostscript: CVE-2016-8602, CVE-2017-7975
authorCatalin Enache <catalin.enache@windriver.com>
Mon, 8 May 2017 13:42:59 +0000 (16:42 +0300)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 18 May 2017 13:01:40 +0000 (14:01 +0100)
commit8f919c2df47ca93132f21160d919b6ee2207d9a6
treeddfdf042365f5f6394a92a64d72467f05c00d143tree
parent9348ab34de2fe2ab04c8b84011809045c632fd87commit | diff
ghostscript: CVE-2016-8602, CVE-2017-7975

The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote
attackers to cause a denial of service (application crash) or possibly execute
arbitrary code via a crafted Postscript document that calls .sethalftone5 with an
empty operand stack.

Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because
of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c
during operations on a crafted JBIG2 file, leading to a denial of service (application
crash) or possibly execution of arbitrary code.

References:
https://nvd.nist.gov/vuln/detail/CVE-2016-8602
https://nvd.nist.gov/vuln/detail/CVE-2017-7975

Upstream patches:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=f5c7555c303
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5e57e483298

Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
meta/recipes-extended/ghostscript/ghostscript/CVE-2016-8602.patch [new file with mode: 0644] blob
meta/recipes-extended/ghostscript/ghostscript/CVE-2017-7975.patch [new file with mode: 0644] blob
meta/recipes-extended/ghostscript/ghostscript_9.20.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib