599168 – Ghostscript is vulnerable to CVE-2010-2055

Bug 599168 - Ghostscript is vulnerable to CVE-2010-2055

Summary: Ghostscript is vulnerable to CVE-2010-2055

Keywords:
Status:	CLOSED DUPLICATE of bug 599564
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	ghostscript
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	low
Severity:	urgent
Target Milestone:	---
Assignee:	Tim Waugh
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2010-06-02 19:00 UTC by M. Steinborn
Modified:	2010-06-03 14:21 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-06-03 14:21:59 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description M. Steinborn 2010-06-02 19:00:26 UTC

AFAIK all versions of Ghostscript are vulnerable.

From version 8.64 (upstreamn without patches) up to current svn head things are even worse: The security option "-P-" is not working properly. See

https://bugzilla.novell.com/show_bug.cgi?id=608071

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583183

for details.


Greetings

Markus Steinborn
GNU gv maintainer

Comment 1 Jan Lieskovsky 2010-06-03 14:21:59 UTC

Thanks Markus, tracked now under:
    [1] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2055

Closing this one as duplicate of it.

*** This bug has been marked as a duplicate of bug 599564 ***

Note You need to log in before you can comment on or make changes to this bug.