Ubuntu Security Notice 6017-2 - USN-6017-1 fixed vulnerabilities in Ghostscript. This update provides the corresponding updates for Ubuntu 23.04. Hadrien Perrineau discovered that Ghostscript incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.
5fdcd4372554a29fabe2932c2cce62f872a1a9eed160f0089423240348d4714a
==========================================================================
Ubuntu Security Notice USN-6017-2
April 26, 2023
ghostscript vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.04
Summary:
Ghostscript could be made to crash or run programs as your login if it
received a specially crafted input.
Software Description:
- ghostscript: PostScript and PDF interpreter
Details:
USN-6017-1 fixed vulnerabilities in Ghostscript. This update provides the
corresponding updates for Ubuntu 23.04.
Original advisory details:
Hadrien Perrineau discovered that Ghostscript incorrectly handled certain
inputs. An attacker could possibly use this issue to cause a denial of
service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 23.04:
ghostscript 10.0.0~dfsg1-0ubuntu1.1
libgs10 10.0.0~dfsg1-0ubuntu1.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6017-2
https://ubuntu.com/security/notices/USN-6017-1
CVE-2023-28879
Package Information:
https://launchpad.net/ubuntu/+source/ghostscript/10.0.0~dfsg1-0ubuntu1.1