Errata ID | 517 |
---|---|
Date | 2018-09-19 |
Source package | ghostscript |
Fixed in version | 9.06~dfsg-2+deb8u8 |
Description | This update addresses the following issues:<br>* status command permitted with -dSAFER in psi/zfile.c allowing attackers to identify the size and existence of files (CVE-2018-11645)<br>* .tempfile file permission issues (CVE-2018-15908)<br>* shading_param incomplete type checking (CVE-2018-15909)<br>* LockDistillerParams type confusion (CVE-2018-15910)<br>* uninitialized memory access in the aesdecode operator (CVE-2018-15911)<br>* /invalidaccess bypass after failed restore (CVE-2018-16509)<br>* missing type check in type checker (CVE-2018-16511)<br>* setcolor missing type check (CVE-2018-16513)<br>* incorrect access checking in temp file handling to disclose contents of files (CVE-2018-16539)<br>* use-after-free in copydevice handling (CVE-2018-16540)<br>* incorrect free logic in pagedevice replacement (CVE-2018-16541)<br>* .definemodifiedfont memory corruption if /typecheck is handled (CVE-2018-16542)<br>* .setdistillerkeys PostScript command is accepted even though it is not intended for use (CVE-2018-16585)<br>* incorrect "restoration of privilege" checking when running out of stack during exception handling (CVE-2018-16802) |
Additional notes | |
CVE ID | CVE-2018-11645, CVE-2018-15908, CVE-2018-15909, CVE-2018-15910, CVE-2018-15911, CVE-2018-16509, CVE-2018-16511, CVE-2018-16513, CVE-2018-16539, CVE-2018-16540, CVE-2018-16541, CVE-2018-16542, CVE-2018-16585, CVE-2018-16802 |
UCS Bug number | #47832 |