Bug 599168

Summary: Ghostscript is vulnerable to CVE-2010-2055
Product: [Fedora] Fedora Reporter: M. Steinborn <gnugv_maintainer>
Component: ghostscriptAssignee: Tim Waugh <twaugh>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: urgent Docs Contact:
Priority: low    
Version: rawhideCC: jlieskov, twaugh
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-06-03 14:21:59 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description M. Steinborn 2010-06-02 19:00:26 UTC 
AFAIK all versions of Ghostscript are vulnerable.

From version 8.64 (upstreamn without patches) up to current svn head things are even worse: The security option "-P-" is not working properly. See

https://bugzilla.novell.com/show_bug.cgi?id=608071

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583183

for details.


Greetings

Markus Steinborn
GNU gv maintainer
Comment 1 Jan Lieskovsky 2010-06-03 14:21:59 UTC 
Thanks Markus, tracked now under:
    [1] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-2055

Closing this one as duplicate of it.

*** This bug has been marked as a duplicate of bug 599564 ***