Your submission was sent successfully! Close

USN-5396-2: Ghostscript vulnerability

8 June 2022

Ghostscript could be made to crash, access files, or run programs if it opened a specially crafted file.

Releases

Packages

Details

USN-5396-1 addressed a vulnerability in Ghostscript. This update
provides the corresponding update for Ubuntu 16.04 ESM.

Original advisory details:

It was discovered that Ghostscript incorrectly handled certain PostScript
files. If a user or automated system were tricked into processing a
specially crafted file, a remote attacker could possibly use this issue to
access arbitrary files, execute arbitrary code, or cause a denial of
service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04

In general, a standard system update will make all the necessary changes.

References

Related notices

  • USN-5396-1: libgs9, ghostscript, ghostscript-doc, libgs-dev, ghostscript-x, libgs9-common