[Git][security-tracker-team/security-tracker][master] CVE-2020-16304,CVE-2020-16309/ghostscript: reference PoC/vector limitation
Sylvain Beucler
beuc at debian.org
Thu Aug 20 01:00:35 BST 2020
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
30e1a295 by Sylvain Beucler at 2020-08-20T02:00:09+02:00
CVE-2020-16304,CVE-2020-16309/ghostscript: reference PoC/vector limitation
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16334,6 +16334,7 @@ CVE-2020-16309 (A buffer overflow vulnerability in lxm5700m_print_page() in devi
- ghostscript 9.51~dfsg-1
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701827
NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a6f7464dddc689386668a38b92dfd03cc1b38a10 (9.51)
+ NOTE: PoC requires de8b6458abaeb9d0b14f02377f3e617f2854e647 (9.27) to trigger
CVE-2020-16308 (A buffer overflow vulnerability in p_print_image() in devices/gdevcdj. ...)
- ghostscript 9.51~dfsg-1
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701829
@@ -16354,6 +16355,7 @@ CVE-2020-16304 (A buffer overflow vulnerability in image_render_color_thresh() i
- ghostscript 9.51~dfsg-1
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=027c546e0dd11e0526f1780a7f3c2c66acffe209 (9.51)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701816
+ NOTE: PoC requires de8b6458abaeb9d0b14f02377f3e617f2854e647 (9.27) to trigger
CVE-2020-16303 (A use-after-free vulnerability in xps_finish_image_path() in devices/v ...)
- ghostscript 9.51~dfsg-1
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701818
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30e1a2954e93dd182580ac0b68c3979511d44a46
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30e1a2954e93dd182580ac0b68c3979511d44a46
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200820/c711b7f6/attachment.html>
More information about the debian-security-tracker-commits
mailing list