USN-4686-1: Ghostscript vulnerabilities
7 January 2021
Several security issues were fixed in Ghostscript.
Releases
Packages
- ghostscript - PostScript and PDF interpreter
Details
It was discovered that Ghostscript incorrectly handled certain image
files. If a user or automated system were tricked into processing a
specially crafted file, a remote attacker could use this issue to cause
Ghostscript to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04
Ubuntu 16.04
In general, a standard system update will make all the necessary changes.
Related notices
- USN-4685-1: libopenjpip-dec-server, libopenjpip-server, libopenjp3d-tools, libopenjpip7, libopenjp3d7, libopenjp2-tools, libopenjp2-7-dev, libopenjp2-7, openjpeg2, libopenjpip-viewer
- USN-5952-1: libopenjpip-dec-server, libopenjpip-server, libopenjp3d-tools, libopenjpip7, libopenjp3d7, libopenjp2-tools, libopenjp2-7-dev, libopenjp2-7, openjpeg2, libopenjpip-viewer
- USN-4880-1: libopenjpip-dec-server, libopenjpip-server, libopenjp3d-tools, libopenjpip7, libopenjp3d7, libopenjp2-tools, libopenjp2-7-dev, libopenjp2-7, openjpeg2, libopenjpip-viewer
- USN-4497-1: libopenjpip-dec-server, libopenjpip-server, libopenjp3d-tools, libopenjpip7, libopenjp3d7, libopenjp2-tools, libopenjp2-7-dev, libopenjp2-7, openjpeg2, libopenjpip-viewer
- USN-5664-1: openjpip-viewer, libopenjpeg5, openjpip-viewer-xerces, libopenjpeg-java, openjpip-dec-server, openjpip-server, openjpeg, openjpeg-tools, libopenjpeg-dev
- USN-4782-1: libopenjpip-dec-server, libopenjpip-server, libopenjp3d-tools, libopenjpip7, libopenjp3d7, libopenjp2-tools, libopenjp2-7-dev, libopenjp2-7, openjpeg2, libopenjpip-viewer