Summary: | <app-text/ghostscript-gpl-9.21 : NULL pointer dereference in mem_get_bits_rectangle() | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Ian Zimmerman <nobrowser> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | printing, sudormrfhalt |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [glsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 616814 | ||
Bug Blocks: |
Description
Ian Zimmerman
2017-04-29 17:13:57 UTC
CVE ID: CVE-2017-7207 Summary: The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document. Published: 2017-03-21T06:59:00.000Z *** Bug 621124 has been marked as a duplicate of this bug. *** Patched in our 9.21 Added to an existing GLSA Request. This issue was resolved and addressed in GLSA 201708-06 at https://security.gentoo.org/glsa/201708-06 by GLSA coordinator Thomas Deutschmann (whissi). Re-opening for remaining architecture. |