Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 618818 (CVE-2017-6196)

Summary: <app-text/ghostscript-gpl-9.21: Multiple Vulnerabilities (CVE-2017-6196)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: printing
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B3 [glsa cve]
Package list:
Runtime testing required: ---
Bug Depends on: 616814    
Bug Blocks:    

Description GLSAMaker/CVETool Bot gentoo-dev 2017-05-18 06:47:18 UTC
CVE-2017-6196 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6196):
  Multiple use-after-free vulnerabilities in the gx_image_enum_begin function
  in base/gxipixel.c in Ghostscript before
  ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a
  denial of service (application crash) or possibly have unspecified other
  impact via a crafted PostScript document.
Comment 1 Andreas K. Hüttel gentoo-dev 2017-06-09 22:57:11 UTC
Version bump pushed.
Comment 2 Yury German Gentoo Infrastructure gentoo-dev Security 2017-08-02 16:06:57 UTC
Added to an existing GLSA Request.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2017-08-21 01:16:55 UTC
This issue was resolved and addressed in
 GLSA 201708-06 at https://security.gentoo.org/glsa/201708-06
by GLSA coordinator Thomas Deutschmann (whissi).
Comment 4 Thomas Deutschmann gentoo-dev Security 2017-08-21 01:20:14 UTC
Re-opening for remaining architecture.