Debian Bug report logs -
#1033757
ghostscript: CVE-2023-28879
Package:
src:ghostscript;
Maintainer for src:ghostscript is Debian QA Group <packages@qadebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 31 Mar 2023 19:21:01 UTC
Severity: grave
Tags: security, upstream
Found in version ghost ...
Synopsis
Moderate: ghostscript security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for ghostscript is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this u ...
Synopsis
Moderate: ghostscript security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for ghostscript is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this u ...
It was discovered that Ghostscript, the GPL PostScript/PDF interpreter,
is prone to a buffer overflow vulnerability in the (T)BCP encoding
filters, which could result in the execution of arbitrary code if
malformed document files are processed (despite the -dSAFER sandbox
being enabled)
For the stable distribution (bullseye), this problem has been ...
In Artifex Ghostscript through 10010, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcpc This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are wr ...
In Artifex Ghostscript through 10010, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcpc This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are wr ...
DescriptionThe MITRE CVE dictionary describes this issue as: In Artifex Ghostscript through 10010, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcpc This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode If the write buffer is filled to one byte less than full, and o ...