Bug 491853 (CVE-2009-0792)
| Summary: | CVE-2009-0792 ghostscript, argyllcms: Incomplete fix for CVE-2009-0583 | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> | ||||||
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||||
| Status: | CLOSED ERRATA | QA Contact: | |||||||
| Severity: | medium | Docs Contact: | |||||||
| Priority: | medium | ||||||||
| Version: | unspecified | CC: | gwync, kreilly, mbacovsk, mjc, security-response-team, twaugh | ||||||
| Target Milestone: | --- | Keywords: | Security | ||||||
| Target Release: | --- | ||||||||
| Hardware: | All | ||||||||
| OS: | Linux | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2010-07-13 14:26:22 UTC | Type: | --- | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Bug Depends On: | 491854, 491855, 491856, 491857, 491858, 495915, 495916, 495917 | ||||||||
| Bug Blocks: | |||||||||
| Attachments: |
|
||||||||
|
Description
Jan Lieskovsky
2009-03-24 13:21:42 UTC
Created attachment 338699 [details]
Updated ghostscript-CVE-2009-0792.patch (adds checks for all 'floor' occurences)
Created attachment 338705 [details] Updated Argyllcms CVE-2009-0792 (all changes in one file) patch argyllcms has now been built with this patch for rawhide, F-10 and F-9, and Bodhi updates for F-10 and F-9 have been created. argyllcms-1.0.3-4.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. argyllcms-1.0.3-4.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2009:0421 https://rhn.redhat.com/errata/RHSA-2009-0421.html ghostscript-8.63-3.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/ghostscript-8.63-3.fc9 ghostscript-8.63-6.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. ghostscript-8.63-3.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. Turns out I added the patch to argyllcms but failed to apply it. Built in rawhide, others are on their way. My apologies for the mixup. Rel-eng ticket filed for Freeze Exception. https://fedorahosted.org/rel-eng/ticket/1497 argyllcms-1.0.3-5.fc9 has been submitted as an update for Fedora 9. http://admin.fedoraproject.org/updates/argyllcms-1.0.3-5.fc9 argyllcms-1.0.3-5.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/argyllcms-1.0.3-5.fc10 argyllcms-1.0.3-5.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. argyllcms-1.0.3-5.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. |