Bug 618818 (CVE-2017-6196)

Summary:	<app-text/ghostscript-gpl-9.21: Multiple Vulnerabilities (CVE-2017-6196)
Product:	Gentoo Security	Reporter:	GLSAMaker/CVETool Bot <glsamaker>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	minor	CC:	printing
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:	B3 [glsa cve]
Package list:		Runtime testing required:	---
Bug Depends on:	616814
Bug Blocks:

Description GLSAMaker/CVETool Bot gentoo-dev

2017-05-18 06:47:18 UTC

CVE-2017-6196 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6196):
  Multiple use-after-free vulnerabilities in the gx_image_enum_begin function
  in base/gxipixel.c in Ghostscript before
  ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a
  denial of service (application crash) or possibly have unspecified other
  impact via a crafted PostScript document.

Comment 1 Andreas K. Hüttel archtester

2017-06-09 22:57:11 UTC

Version bump pushed.

Comment 2 Yury German Gentoo Infrastructure

2017-08-02 16:06:57 UTC

Added to an existing GLSA Request.

Comment 3 GLSAMaker/CVETool Bot gentoo-dev

2017-08-21 01:16:55 UTC

This issue was resolved and addressed in
 GLSA 201708-06 at https://security.gentoo.org/glsa/201708-06
by GLSA coordinator Thomas Deutschmann (whissi).

Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev

2017-08-21 01:20:14 UTC

Re-opening for remaining architecture.

Comment 5 Aaron Bauman (RETIRED) gentoo-dev

2017-10-08 20:34:28 UTC

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cf8f468602a503510b8ccb45b2a0c80f37c83949