USN-4686-1: Ghostscript vulnerabilities
7 January 2021
Several security issues were fixed in Ghostscript.
Releases
Packages
- ghostscript - PostScript and PDF interpreter
Details
It was discovered that Ghostscript incorrectly handled certain image
files. If a user or automated system were tricked into processing a
specially crafted file, a remote attacker could use this issue to cause
Ghostscript to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04
Ubuntu 16.04
In general, a standard system update will make all the necessary changes.
Related notices
- USN-4685-1: libopenjp2-7, libopenjpip-dec-server, libopenjp3d7, libopenjpip-viewer, openjpeg2, libopenjp2-7-dev, libopenjpip-server, libopenjp2-tools, libopenjp3d-tools, libopenjpip7
- USN-5952-1: libopenjp2-7, libopenjpip-dec-server, libopenjp3d7, libopenjpip-viewer, openjpeg2, libopenjp2-7-dev, libopenjpip-server, libopenjp2-tools, libopenjp3d-tools, libopenjpip7
- USN-4880-1: libopenjp2-7, libopenjpip-dec-server, libopenjp3d7, libopenjpip-viewer, openjpeg2, libopenjp2-7-dev, libopenjpip-server, libopenjp2-tools, libopenjp3d-tools, libopenjpip7
- USN-4497-1: libopenjp2-7, libopenjpip-dec-server, libopenjp3d7, libopenjpip-viewer, openjpeg2, libopenjp2-7-dev, libopenjpip-server, libopenjp2-tools, libopenjp3d-tools, libopenjpip7
- USN-5664-1: openjpeg-tools, libopenjpeg-java, libopenjpeg-dev, openjpeg, openjpip-viewer-xerces, libopenjpeg5, openjpip-dec-server, openjpip-server, openjpip-viewer
- USN-4782-1: libopenjp2-7, libopenjpip-dec-server, libopenjp3d7, libopenjpip-viewer, openjpeg2, libopenjp2-7-dev, libopenjpip-server, libopenjp2-tools, libopenjp3d-tools, libopenjpip7