Packages
- ghostscript - PostScript and PDF interpreter
Details
Netanel Fisher discovered that the font handler in Ghostscript did not
properly restrict privileged calls when ‘-dSAFER’ restrictions were in
effect. If a user or automated system were tricked into processing a
specially crafted file, a remote attacker could possibly use this issue to
access arbitrary files.
Netanel Fisher discovered that the font handler in Ghostscript did not
properly restrict privileged calls when ‘-dSAFER’ restrictions were in
effect. If a user or automated system were tricked into processing a
specially crafted file, a remote attacker could possibly use this issue to
access arbitrary files.
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
Ubuntu Release | Package Version | ||
---|---|---|---|
19.04 disco | ghostscript – 9.26~dfsg+0-0ubuntu7.2 | ||
libgs9 – 9.26~dfsg+0-0ubuntu7.2 | |||
18.04 bionic | ghostscript – 9.26~dfsg+0-0ubuntu0.18.04.10 | ||
libgs9 – 9.26~dfsg+0-0ubuntu0.18.04.10 | |||
16.04 xenial | ghostscript – 9.26~dfsg+0-0ubuntu0.16.04.10 | ||
libgs9 – 9.26~dfsg+0-0ubuntu0.16.04.10 |
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.