[USN-757-1] Ghostscript vulnerabilities
Subject: [USN-757-1] Ghostscript vulnerabilities
From: Marc Deslauriers <marc.deslauriers@canonical.com.>
Reply-To: Ubuntu Security <security@ubuntu.com.>
To: [email protected]
Cc: [email protected], [email protected]
Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="=-kwYKGfs/PBLep11q50ct"
Date: Wed, 15 Apr 2009 10:39:15 -0400
Message-Id: <1239806355.6443.2.camel@mdlinux.technorage.com.>
Mime-Version: 1.0
X-Mailer: Evolution 2.26.1
X-Virus-Scanned: antivirus-gw at tyumen.ru
--=-kwYKGfs/PBLep11q50ct
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D
Ubuntu Security Notice USN-757-1 April 15, 2009
ghostscript, gs-esp, gs-gpl vulnerabilities
CVE-2007-6725, CVE-2008-6679, CVE-2009-0196, CVE-2009-0583,
CVE-2009-0584, CVE-2009-0792
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
gs-esp 8.15.2.dfsg.0ubuntu1-0ubuntu1.2
gs-gpl 8.15-4ubuntu3.3
Ubuntu 8.04 LTS:
libgs8 8.61.dfsg.1-1ubuntu3.2
Ubuntu 8.10:
libgs8 8.63.dfsg.1-0ubuntu6.4
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
It was discovered that Ghostscript contained a buffer underflow in its
CCITTFax decoding filter. If a user or automated system were tricked into
opening a crafted PDF file, an attacker could cause a denial of service or
execute arbitrary code with privileges of the user invoking the program.
(CVE-2007-6725)
It was discovered that Ghostscript contained a buffer overflow in the
BaseFont writer module. If a user or automated system were tricked into
opening a crafted Postscript file, an attacker could cause a denial of
service or execute arbitrary code with privileges of the user invoking the
program. (CVE-2008-6679)
It was discovered that Ghostscript contained additional integer overflows
in its ICC color management library. If a user or automated system were
tricked into opening a crafted Postscript or PDF file, an attacker could
cause a denial of service or execute arbitrary code with privileges of the
user invoking the program. (CVE-2009-0792)
Alin Rad Pop discovered that Ghostscript contained a buffer overflow in the
jbig2dec library. If a user or automated system were tricked into opening a
crafted PDF file, an attacker could cause a denial of service or execute
arbitrary code with privileges of the user invoking the program.
(CVE-2009-0196)
USN-743-1 provided updated ghostscript and gs-gpl packages to fix two
security vulnerabilities. This update corrects the same vulnerabilities in
the gs-esp package.
Original advisory details:
It was discovered that Ghostscript contained multiple integer overflows in
its ICC color management library. If a user or automated system were
tricked into opening a crafted Postscript file, an attacker could cause a
denial of service or execute arbitrary code with privileges of the user
invoking the program. (CVE-2009-0583)
It was discovered that Ghostscript did not properly perform bounds
checking in its ICC color management library. If a user or automated
system were tricked into opening a crafted Postscript file, an attacker
could cause a denial of service or execute arbitrary code with privileges
of the user invoking the program. (CVE-2009-0584)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/g/gs-esp/gs-esp_8.15.2.dfsg=
.0ubuntu1-0ubuntu1.2.diff.gz
Size/MD5: 88475 888a5e36bcd499e1c0a6104c2f2c32b2
http://security.ubuntu.com/ubuntu/pool/main/g/gs-esp/gs-esp_8.15.2.dfsg=
.0ubuntu1-0ubuntu1.2.dsc
Size/MD5: 904 0b4f1a1e2255ffcfa870adee0c933eba
http://security.ubuntu.com/ubuntu/pool/main/g/gs-esp/gs-esp_8.15.2.dfsg=
.0ubuntu1.orig.tar.gz
Size/MD5: 7318074 cf386d9cdbf447f292128aa3bf17a94c
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs-gpl_8.15-4ubunt=
u3.3.diff.gz
Size/MD5: 45642 04b7f413b90ef9a01ee7b78bb06f4b0c
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs-gpl_8.15-4ubunt=
u3.3.dsc
Size/MD5: 864 5c03cef56ec50634d6bde7ac4e8d154b
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs-gpl_8.15.orig.t=
ar.gz
Size/MD5: 6382514 f2e0e6355d4b64e6f636b62a2220ad47
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs_8.15-4ubuntu3.3=
_all.deb
Size/MD5: 14958 786b4e5e659958f80fb2f6ebba60131c
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/g/gs-esp/gs-esp_8.15.2.dfsg=
.0ubuntu1-0ubuntu1.2_amd64.deb
Size/MD5: 3086720 e56a942a70491403b044492228b9e60c
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs-gpl_8.15-4ubunt=
u3.3_amd64.deb
Size/MD5: 2768130 8974dd28ce222b8f9b9170121f7f4565
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/g/gs-esp/gs-esp_8.15.2.dfsg=
.0ubuntu1-0ubuntu1.2_i386.deb
Size/MD5: 2879706 364962f1d6445fecbc777ff3eba3e71f
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs-gpl_8.15-4ubunt=
u3.3_i386.deb
Size/MD5: 2590888 d454d8ebe63b6ac2f8ea5148ab7d79be
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/g/gs-esp/gs-esp_8.15.2.dfsg=
.0ubuntu1-0ubuntu1.2_powerpc.deb
Size/MD5: 3069114 75807469a620426a9fae5a0d9ed5effc
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs-gpl_8.15-4ubunt=
u3.3_powerpc.deb
Size/MD5: 2751418 195cc55e06eb108d38e7183d4ef93f2a
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/g/gs-esp/gs-esp_8.15.2.dfsg=
.0ubuntu1-0ubuntu1.2_sparc.deb
Size/MD5: 2912480 f902f75395b7bf7e1bdb0a8f0e31072d
http://security.ubuntu.com/ubuntu/pool/main/g/gs-gpl/gs-gpl_8.15-4ubunt=
u3.3_sparc.deb
Size/MD5: 2616726 f8204c3caad01b832d309cb307e87c99
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8=
.61.dfsg.1-1ubuntu3.2.diff.gz
Size/MD5: 110434 dcdeaf75d04bfeb1c7e2beefea977753
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8=
.61.dfsg.1-1ubuntu3.2.dsc
Size/MD5: 1206 3f0396e784c1fa07b6e3e3728072faf8
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8=
.61.dfsg.1.orig.tar.gz
Size/MD5: 12199544 4669884352d6967153a13a1d413f26b2
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript-d=
oc_8.61.dfsg.1-1ubuntu3.2_all.deb
Size/MD5: 2725280 2d9fb6d5078f95de159f6e4ac25b5889
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/gs-gpl_8.61.d=
fsg.1-1ubuntu3.2_all.deb
Size/MD5: 27934 42619ea5765adf1bce524f7a7de5060c
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/gs_8.61.dfsg.=
1-1ubuntu3.2_all.deb
Size/MD5: 27930 3f720ae67557ae5956a5a19f512bd10c
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs-esp-dev=
_8.61.dfsg.1-1ubuntu3.2_all.deb
Size/MD5: 27942 a3ee0e4007848f6778e3e0cc433baab8
http://security.ubuntu.com/ubuntu/pool/multiverse/g/ghostscript/gs-alad=
din_8.61.dfsg.1-1ubuntu3.2_all.deb
Size/MD5: 27936 3e45a07defaab03b9af973f565973deb
http://security.ubuntu.com/ubuntu/pool/universe/g/ghostscript/gs-common=
_8.61.dfsg.1-1ubuntu3.2_all.deb
Size/MD5: 27934 1e1fafc614dc563ef5db46744ebb2d65
http://security.ubuntu.com/ubuntu/pool/universe/g/ghostscript/gs-esp-x_=
8.61.dfsg.1-1ubuntu3.2_all.deb
Size/MD5: 27928 56e3d854d67b738c9ee1d3eac68ec62a
http://security.ubuntu.com/ubuntu/pool/universe/g/ghostscript/gs-esp_8.=
61.dfsg.1-1ubuntu3.2_all.deb
Size/MD5: 27920 334312a6225c76d69fe5e259500ac36e
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript-x=
_8.61.dfsg.1-1ubuntu3.2_amd64.deb
Size/MD5: 61914 e1a0b0675481193dc941db3a15af365f
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8=
.61.dfsg.1-1ubuntu3.2_amd64.deb
Size/MD5: 739836 28ef7752ce30d66573e95be97a91f557
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs-dev_8.6=
1.dfsg.1-1ubuntu3.2_amd64.deb
Size/MD5: 15092 718ea138e8711314fde1a1ab5bd326d7
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs8_8.61.d=
fsg.1-1ubuntu3.2_amd64.deb
Size/MD5: 2302114 4b12f56ad2e3665b7c7ff705e1a37988
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript-x=
_8.61.dfsg.1-1ubuntu3.2_i386.deb
Size/MD5: 60248 6eb4e669b1aaa8fc33c1aec44f9aef70
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8=
.61.dfsg.1-1ubuntu3.2_i386.deb
Size/MD5: 739930 235fdf708d0addb8c641234dcc46c8dc
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs-dev_8.6=
1.dfsg.1-1ubuntu3.2_i386.deb
Size/MD5: 15094 3594e6e2fee08c35c2732908a72f8531
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs8_8.61.d=
fsg.1-1ubuntu3.2_i386.deb
Size/MD5: 2216730 5fcbbbab7bd0be7706498d2a4e64a261
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript-x_8.61.dfsg=
.1-1ubuntu3.2_lpia.deb
Size/MD5: 59840 7664a2ac830360aa3a26191265e7b49b
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript_8.61.dfsg.1=
-1ubuntu3.2_lpia.deb
Size/MD5: 739536 08441356acaed8c8a17622dc9fdda7e1
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs-dev_8.61.dfsg.1-1=
ubuntu3.2_lpia.deb
Size/MD5: 15096 4d93a542ae9b1b595723e95e483b2277
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs8_8.61.dfsg.1-1ubu=
ntu3.2_lpia.deb
Size/MD5: 2209744 efa4db8adfd22b58f36c930792b0ebe6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript-x_8.61.dfsg=
.1-1ubuntu3.2_powerpc.deb
Size/MD5: 64960 e44bdeb6d982fe85df33919221742bf8
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript_8.61.dfsg.1=
-1ubuntu3.2_powerpc.deb
Size/MD5: 742288 cd314807d66f2eef4a8ec9e8b622e7c4
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs-dev_8.61.dfsg.1-1=
ubuntu3.2_powerpc.deb
Size/MD5: 15102 fb1604ae54eda89546cfd0931e7a340e
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs8_8.61.dfsg.1-1ubu=
ntu3.2_powerpc.deb
Size/MD5: 2395884 3d454d68d26ab7dd25f79d0cff8f79fc
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript-x_8.61.dfsg=
.1-1ubuntu3.2_sparc.deb
Size/MD5: 59152 3db40124236ca66dbe6771ed97944a89
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript_8.61.dfsg.1=
-1ubuntu3.2_sparc.deb
Size/MD5: 739734 12aab96c1c44665fd35cf6871dbca3e8
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs-dev_8.61.dfsg.1-1=
ubuntu3.2_sparc.deb
Size/MD5: 15092 e709b95bfe603f5e5ce512ec1ef0ea87
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs8_8.61.dfsg.1-1ubu=
ntu3.2_sparc.deb
Size/MD5: 2184148 ae618f8fd60ff53259d9009fd4525286
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8=
.63.dfsg.1-0ubuntu6.4.diff.gz
Size/MD5: 117152 e861a0b6261b876ea8638fdb774f550a
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8=
.63.dfsg.1-0ubuntu6.4.dsc
Size/MD5: 1648 3af1ae64f055cceffdd2489e9a69b6f5
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8=
.63.dfsg.1.orig.tar.gz
Size/MD5: 13446723 0f019ca7041f892255600abf58aa1eec
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript-d=
oc_8.63.dfsg.1-0ubuntu6.4_all.deb
Size/MD5: 2843940 9bbfc9b09deebac55a53c463729771c1
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/gs-common_8.6=
3.dfsg.1-0ubuntu6.4_all.deb
Size/MD5: 30562 3d72c15e83c920ce72bfbbd47436e704
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/gs-gpl_8.63.d=
fsg.1-0ubuntu6.4_all.deb
Size/MD5: 30562 2fdec106a3170a9899faea032d3527bb
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/gs_8.63.dfsg.=
1-0ubuntu6.4_all.deb
Size/MD5: 30556 bfd7af84ef3aca682a17a8db6446b7dd
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs-esp-dev=
_8.63.dfsg.1-0ubuntu6.4_all.deb
Size/MD5: 30100 cb2a62d828fe463c5ddc92fff6184c17
http://security.ubuntu.com/ubuntu/pool/multiverse/g/ghostscript/gs-alad=
din_8.63.dfsg.1-0ubuntu6.4_all.deb
Size/MD5: 30560 1ef502dc69f6a2cfda973ea7b0f9091f
http://security.ubuntu.com/ubuntu/pool/universe/g/ghostscript/gs-esp-x_=
8.63.dfsg.1-0ubuntu6.4_all.deb
Size/MD5: 30088 0645862bdecf9bdcb651cd672d441e89
http://security.ubuntu.com/ubuntu/pool/universe/g/ghostscript/gs-esp_8.=
63.dfsg.1-0ubuntu6.4_all.deb
Size/MD5: 30548 48cf5e56c4c06d460aaf6b1a4243a3a0
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript-x=
_8.63.dfsg.1-0ubuntu6.4_amd64.deb
Size/MD5: 64372 63421de9c9f3bb16f639b11213ed4ad7
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8=
.63.dfsg.1-0ubuntu6.4_amd64.deb
Size/MD5: 795550 3d2c08a01de9b91667fcd06c253960e0
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs-dev_8.6=
3.dfsg.1-0ubuntu6.4_amd64.deb
Size/MD5: 15094 cae2da14946aad2e3d158e1db7aca624
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs8_8.63.d=
fsg.1-0ubuntu6.4_amd64.deb
Size/MD5: 2386192 5e3ebd7b79309db1c7359558a97aeb18
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript-x=
_8.63.dfsg.1-0ubuntu6.4_i386.deb
Size/MD5: 63022 82a47c879af21d1e3d2ff7ffef449553
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/ghostscript_8=
.63.dfsg.1-0ubuntu6.4_i386.deb
Size/MD5: 795030 30c0c3fd8d606c73d365adf901653dfe
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs-dev_8.6=
3.dfsg.1-0ubuntu6.4_i386.deb
Size/MD5: 15090 bef1ea9161f55bf760b166b428663354
http://security.ubuntu.com/ubuntu/pool/main/g/ghostscript/libgs8_8.63.d=
fsg.1-0ubuntu6.4_i386.deb
Size/MD5: 2291468 fdb4d25935f5271a415c041e7503464b
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript-x_8.63.dfsg=
.1-0ubuntu6.4_lpia.deb
Size/MD5: 62470 ac2789a870bfce68e9ac683d80c2257d
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript_8.63.dfsg.1=
-0ubuntu6.4_lpia.deb
Size/MD5: 795022 f4dab53c3f01fdca8d0c399940e170af
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs-dev_8.63.dfsg.1-0=
ubuntu6.4_lpia.deb
Size/MD5: 15088 55b3c9182a964f7c58a8380bfec0eba2
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs8_8.63.dfsg.1-0ubu=
ntu6.4_lpia.deb
Size/MD5: 2273562 b87ce70cd757823653b3404ed1fa8560
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript-x_8.63.dfsg=
.1-0ubuntu6.4_powerpc.deb
Size/MD5: 67086 84567c0401077e0f742c9ba2e611e4fe
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript_8.63.dfsg.1=
-0ubuntu6.4_powerpc.deb
Size/MD5: 798252 d4f700d96229bfbd2688d2e0fa1eeb30
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs-dev_8.63.dfsg.1-0=
ubuntu6.4_powerpc.deb
Size/MD5: 15100 0be215b3317c43abd5d5e137f929fe3a
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs8_8.63.dfsg.1-0ubu=
ntu6.4_powerpc.deb
Size/MD5: 2472500 2392467d6f113f08fa23dc6d2a6595a7
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript-x_8.63.dfsg=
.1-0ubuntu6.4_sparc.deb
Size/MD5: 61480 ba8052bd2ebc5542f4d442f4681a8652
http://ports.ubuntu.com/pool/main/g/ghostscript/ghostscript_8.63.dfsg.1=
-0ubuntu6.4_sparc.deb
Size/MD5: 795456 8ee9db74e81cc58fbcddfdc7628c2935
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs-dev_8.63.dfsg.1-0=
ubuntu6.4_sparc.deb
Size/MD5: 15100 09be0f187e6edda02ce73e0dafa715e9
http://ports.ubuntu.com/pool/main/g/ghostscript/libgs8_8.63.dfsg.1-0ubu=
ntu6.4_sparc.deb
Size/MD5: 2232010 b3e6a3507a906cad5ad6d24fb77e57df
--=-kwYKGfs/PBLep11q50ct
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEABECAAYFAknl8ZEACgkQLMAs/0C4zNozEwCeOYIab5aqbpDMDo1YJdy4iNAH
BZgAnjQmdmpNk3VCpNAHo7FXDzjth5Yr
=AxN2
-----END PGP SIGNATURE-----
--=-kwYKGfs/PBLep11q50ct--