USN-4686-1: Ghostscript vulnerabilities
7 January 2021
Several security issues were fixed in Ghostscript.
Releases
Packages
- ghostscript - PostScript and PDF interpreter
Details
It was discovered that Ghostscript incorrectly handled certain image
files. If a user or automated system were tricked into processing a
specially crafted file, a remote attacker could use this issue to cause
Ghostscript to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04
Ubuntu 16.04
In general, a standard system update will make all the necessary changes.
Related notices
- USN-4685-1: openjpeg2, libopenjp2-7-dev, libopenjp3d7, libopenjpip-server, libopenjpip7, libopenjp2-7, libopenjpip-dec-server, libopenjp3d-tools, libopenjpip-viewer, libopenjp2-tools
- USN-5952-1: openjpeg2, libopenjp2-7-dev, libopenjp3d7, libopenjpip-server, libopenjpip7, libopenjp2-7, libopenjpip-dec-server, libopenjp3d-tools, libopenjpip-viewer, libopenjp2-tools
- USN-4880-1: openjpeg2, libopenjp2-7-dev, libopenjp3d7, libopenjpip-server, libopenjpip7, libopenjp2-7, libopenjpip-dec-server, libopenjp3d-tools, libopenjpip-viewer, libopenjp2-tools
- USN-4497-1: openjpeg2, libopenjp2-7-dev, libopenjp3d7, libopenjpip-server, libopenjpip7, libopenjp2-7, libopenjpip-dec-server, libopenjp3d-tools, libopenjpip-viewer, libopenjp2-tools
- USN-5664-1: openjpeg, libopenjpeg-dev, libopenjpeg5, openjpip-server, openjpip-viewer-xerces, openjpip-viewer, openjpeg-tools, openjpip-dec-server, libopenjpeg-java
- USN-4782-1: openjpeg2, libopenjp2-7-dev, libopenjp3d7, libopenjpip-server, libopenjpip7, libopenjp2-7, libopenjpip-dec-server, libopenjp3d-tools, libopenjpip-viewer, libopenjp2-tools