Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 332061 (CVE-2010-1628) - <app-text/ghostscript-gpl-8.71-r6: Multiple vulnerabilities (CVE-2010-{1628,2055})
Summary: <app-text/ghostscript-gpl-8.71-r6: Multiple vulnerabilities (CVE-2010-{1628,2...
Status: RESOLVED FIXED
Alias: CVE-2010-1628
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://bugs.ghostscript.com/show_bug....
Whiteboard: B2 [glsa]
Keywords:
: CVE-2010-2055 340493 (view as bug list)
Depends on:
Blocks:
 
Reported: 2010-08-10 14:51 UTC by Alex Legler (RETIRED)
Modified: 2014-12-13 17:55 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
Build log (ghostscript-gpl-8.71-r6:20101018-162742.log,1.24 MB, text/plain)
2010-10-18 17:00 UTC, Agostino Sarubbo
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2010-08-10 14:51:57 UTC
CVE-2010-1628 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1628):
  Ghostscript 8.64, 8.70, and possibly other versions allows
  context-dependent attackers to execute arbitrary code via a
  PostScript file containing unlimited recursive procedure invocations,
  which trigger memory corruption in the stack of the interpreter.
Comment 1 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2010-08-10 14:53:04 UTC
This is not yet fixed in 8.71, but there's a patch upstream (bug in $URL) at

  http://bugs.ghostscript.com/attachment.cgi?id=6350
Comment 2 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2010-08-10 15:03:23 UTC
CVE-2010-2055 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2055):
  Ghostscript 8.71 and earlier reads initialization files from the
  current working directory, which allows local users to execute
  arbitrary PostScript commands via a Trojan horse file, related to
  improper support for the -P- option to the gs program.

Comment 3 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2010-08-10 15:04:06 UTC
For the second issue:

Patch:
  http://bugs.ghostscript.com/attachment.cgi?id=6441

Bug:
  http://bugs.ghostscript.com/show_bug.cgi?id=691350
Comment 4 Timo Gurr (RETIRED) gentoo-dev 2010-08-17 18:25:25 UTC
Thanks, fixed with ghostscript-gpl-8.71-r6. I took Dr. Werner Fink's patch from upstream bug #691350 for <=8.71.

=media-fonts/urw-fonts-2.4.9 needs to get stabilized along with ghostscript-gpl-8.71-r6. It is a new dependency over -r1 (replacing gnu-gs-fonts-std). ~mips is the only arch which still needs to keyword urw-fonts, see KEYWORDREQ bug #288861).
Comment 5 Stefan Behte (RETIRED) gentoo-dev Security 2010-09-03 20:44:04 UTC
Can this go stable now?
Comment 6 Timo Gurr (RETIRED) gentoo-dev 2010-09-06 13:20:21 UTC
(In reply to comment #5)
> Can this go stable now?

Yes please, stabilize:

=media-fonts/urw-fonts-2.4.9 (bug #288861)
=app-text/ghostscript-gpl-8.71-r6
Comment 7 Eray Aslan gentoo-dev 2010-10-17 17:00:37 UTC
*** Bug 340493 has been marked as a duplicate of this bug. ***
Comment 8 Timo Gurr (RETIRED) gentoo-dev 2010-10-18 14:21:55 UTC
Arches, please test and mark stable:

=media-fonts/urw-fonts-2.4.9 (bug #288861)
=app-text/ghostscript-gpl-8.71-r6

Target keywords for both packages: "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
Comment 9 Agostino Sarubbo gentoo-dev 2010-10-18 17:00:24 UTC
Created attachment 251139 [details]
Build log

everything seems to go through on amd64.

I know QA notice, but I do not know if they are known errors and/or if they are resolvable or not.
Comment 10 Jeroen Roovers (RETIRED) gentoo-dev 2010-10-19 02:13:33 UTC
Stable for HPPA.
Comment 11 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-10-19 13:11:47 UTC
x86 stable
Comment 12 Markos Chandras (RETIRED) gentoo-dev 2010-10-19 21:00:41 UTC
amd64 done
Comment 13 Brent Baude (RETIRED) gentoo-dev 2010-10-22 18:32:00 UTC
ppc64 done
Comment 14 Raúl Porcel (RETIRED) gentoo-dev 2010-10-23 16:40:03 UTC
alpha/arm/ia64/s390/sh/sparc stable
Comment 15 Brent Baude (RETIRED) gentoo-dev 2010-10-25 00:01:50 UTC
ppc done too
Comment 16 Tim Sammut (RETIRED) gentoo-dev 2011-01-02 03:17:52 UTC
Thanks, folks. GLSA request filed.
Comment 17 Andreas K. Hüttel archtester gentoo-dev 2011-06-03 21:42:40 UTC
Thanks guys. No vulnerable version in tree anymore. 
Nothing left to do for printing.
Comment 18 Sean Amoss (RETIRED) gentoo-dev Security 2012-01-18 22:07:23 UTC
*** Bug 322357 has been marked as a duplicate of this bug. ***
Comment 19 GLSAMaker/CVETool Bot gentoo-dev 2014-12-13 17:55:31 UTC
This issue was resolved and addressed in
 GLSA 201412-17 at http://security.gentoo.org/glsa/glsa-201412-17.xml
by GLSA coordinator Sean Amoss (ackle).