[Git][security-tracker-team/security-tracker][master] CVE-2019-1481{1,2,3}/ghostscript fixed with 9.28~~rc2~dfsg-1

Salvatore Bonaccorso carnil at debian.org
Sat Sep 7 13:52:20 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2c0405a0 by Salvatore Bonaccorso at 2019-09-07T12:50:33Z
CVE-2019-1481{1,2,3}/ghostscript fixed with 9.28~~rc2~dfsg-1

Since 9.28 this will be more like a hardening, but still the issues were
unfixed up to 9.28~rc2 upstream. The issues cannot be considered fixed
with the mitigation and rewrite of the dSAFER handling.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3575,7 +3575,7 @@ CVE-2019-14814
 	RESERVED
 	- linux <unfixed>
 CVE-2019-14813 (A flaw was found in ghostscript, versions 9.x before 9.28, in the sets ...)
-	- ghostscript <unfixed>
+	- ghostscript 9.28~~rc2~dfsg-1
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701443
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33
 	NOTE: https://www.openwall.com/lists/oss-security/2019/08/28/2
@@ -3584,7 +3584,7 @@ CVE-2019-14813 (A flaw was found in ghostscript, versions 9.x before 9.28, in th
 	NOTE: which changed the access to file permissions.
 CVE-2019-14812
 	RESERVED
-	- ghostscript <unfixed>
+	- ghostscript 9.28~~rc2~dfsg-1
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701444
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33
 	NOTE: https://www.openwall.com/lists/oss-security/2019/08/28/2
@@ -3592,7 +3592,7 @@ CVE-2019-14812
 	NOTE: from http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=7ecbfda92b4c8dbf6f6c2bf8fc82020a29219eff
 	NOTE: which changed the access to file permissions.
 CVE-2019-14811 (A flaw was found in, ghostscript versions prior to 9.28, in the .pdf_h ...)
-	- ghostscript <unfixed>
+	- ghostscript 9.28~~rc2~dfsg-1
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701445
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33
 	NOTE: https://www.openwall.com/lists/oss-security/2019/08/28/2



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2c0405a0e56053f7dd3ae2aa1e935fb949f791cd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2c0405a0e56053f7dd3ae2aa1e935fb949f791cd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190907/fb1fffc6/attachment.html>

More information about the debian-security-tracker-commits mailing list