MGASA-2023-0134

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2023-0134.html

Import Source

https://advisories.mageia.org/MGASA-2023-0134.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2023-0134

Related

CVE-2023-28879

Published

2023-04-11T19:02:20Z

Modified

2023-04-11T17:55:10Z

Summary

Updated ghostscript packages fix security vulnerability

Details

In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written. (CVE-2023-28879)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:8 / ghostscript

Package

Name: ghostscript
Purl: pkg:rpm/mageia/ghostscript?distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.53.3-2.4.mga8

Ecosystem specific

{
    "section": "core"
}