USN-6017-2: Ghostscript vulnerability
26 April 2023
Ghostscript could be made to crash or run programs as your login if it received a specially crafted input.
Releases
Packages
- ghostscript - PostScript and PDF interpreter
Details
USN-6017-1 fixed vulnerabilities in Ghostscript. This update provides the
corresponding updates for Ubuntu 23.04.
Original advisory details:
Hadrien Perrineau discovered that Ghostscript incorrectly handled certain
inputs. An attacker could possibly use this issue to cause a denial of
service, or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.04
In general, a standard system update will make all the necessary changes.
References
Related notices
- USN-6017-1: ghostscript-x, ghostscript, libgs-dev, libgs9-common, libgs9, ghostscript-doc