USN-4686-1: Ghostscript vulnerabilities
7 January 2021
Several security issues were fixed in Ghostscript.
Releases
Packages
- ghostscript - PostScript and PDF interpreter
Details
It was discovered that Ghostscript incorrectly handled certain image
files. If a user or automated system were tricked into processing a
specially crafted file, a remote attacker could use this issue to cause
Ghostscript to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04
Ubuntu 16.04
In general, a standard system update will make all the necessary changes.
Related notices
- USN-4685-1: libopenjp3d-tools, libopenjpip-server, libopenjpip-viewer, libopenjp2-7, libopenjp3d7, libopenjp2-tools, libopenjp2-7-dev, openjpeg2, libopenjpip-dec-server, libopenjpip7
- USN-5952-1: libopenjp3d-tools, libopenjpip-server, libopenjpip-viewer, libopenjp2-7, libopenjp3d7, libopenjp2-tools, libopenjp2-7-dev, openjpeg2, libopenjpip-dec-server, libopenjpip7
- USN-4880-1: libopenjp3d-tools, libopenjpip-server, libopenjpip-viewer, libopenjp2-7, libopenjp3d7, libopenjp2-tools, libopenjp2-7-dev, openjpeg2, libopenjpip-dec-server, libopenjpip7
- USN-4497-1: libopenjp3d-tools, libopenjpip-server, libopenjpip-viewer, libopenjp2-7, libopenjp3d7, libopenjp2-tools, libopenjp2-7-dev, openjpeg2, libopenjpip-dec-server, libopenjpip7
- USN-5664-1: libopenjpeg5, openjpip-server, openjpeg, libopenjpeg-java, libopenjpeg-dev, openjpip-viewer-xerces, openjpeg-tools, openjpip-viewer, openjpip-dec-server
- USN-4782-1: libopenjp3d-tools, libopenjpip-server, libopenjpip-viewer, libopenjp2-7, libopenjp3d7, libopenjp2-tools, libopenjp2-7-dev, openjpeg2, libopenjpip-dec-server, libopenjpip7