Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP1
patchinfo.12584
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.12584
<patchinfo incident="12584"> <issue tracker="cve" id="2019-3835"/> <issue tracker="cve" id="2019-3839"/> <issue tracker="cve" id="2019-12973"/> <issue tracker="cve" id="2019-14811"/> <issue tracker="cve" id="2019-14812"/> <issue tracker="cve" id="2019-14813"/> <issue tracker="cve" id="2019-14817"/> <issue tracker="bnc" id="1134156">VUL-0: CVE-2019-3839: ghostscript,ghostscript-library: missing attack vector protections for CVE-2019-6116</issue> <issue tracker="bnc" id="1146884">VUL-0: CVE-2019-14817: ghostscript,ghostscript-library: Safer Mode Bypass by .forceput Exposure in .pdfexectoken and other procedures</issue> <issue tracker="bnc" id="1140359">VUL-1: CVE-2019-12973: openjpeg,ghostscript,ghostscript-library,openjpeg2: In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a de</issue> <issue tracker="bnc" id="1146882">VUL-0: CVE-2019-14811,CVE-2019-14812,CVE-2019-14813: ghostscript,ghostscript-library: multiple cases of Safer Mode Bypass by .forceput Exposure</issue> <issue tracker="bnc" id="1129180">VUL-1: CVE-2019-3835: ghostscript,ghostscript-library: superexec operator is available</issue> <issue tracker="bnc" id="1129186">VUL-0: CVE-2019-3838: ghostscript,ghostscript-library: forceput in DefineResource is still accessible</issue> <packager>WernerFink</packager> <rating>important</rating> <category>security</category> <summary>Security update for ghostscript</summary> <description>This update for ghostscript fixes the following issues: Security issues fixed: - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. (bsc#1129180) - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators. (bsc#1134156) - CVE-2019-12973: Fixed a denial-of-service vulnerability in the OpenJPEG function opj_t1_encode_cblks. (bsc#1140359) - CVE-2019-14811: Fixed a safer mode bypass by .forceput exposure in .pdf_hook_DSC_Creator. (bsc#1146882) - CVE-2019-14812: Fixed a safer mode bypass by .forceput exposure in setuserparams. (bsc#1146882) - CVE-2019-14813: Fixed a safer mode bypass by .forceput exposure in setsystemparams. (bsc#1146882) - CVE-2019-14817: Fixed a safer mode bypass by .forceput exposure in .pdfexectoken and other procedures. (bsc#1146884) </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor