Fwd: [Redhat-Bug 599168] New: Ghostscript is vulnerable to CVE-2010-2055

4 views
Skip to first unread message

Markus Steinborn

unread,
Jun 2, 2010, 3:21:19 PM6/2/10
to bug-gho...@gnu.org
As AFAIK every upstream version is vulnerable, GNU ghostscript is
vulnerable, too.
.

Summary: Ghostscript is vulnerable to CVE-2010-2055

https://bugzilla.redhat.com/show_bug.cgi?id=599168

Summary: Ghostscript is vulnerable to CVE-2010-2055
Platform: All
OS/Version: Linux
Severity: urgent
Priority: low

AFAIK all versions of Ghostscript are vulnerable.

> From version 8.64 (upstreamn without patches) up to current svn head things are
even worse: The security option "-P-" is not working properly. See

https://bugzilla.novell.com/show_bug.cgi?id=608071

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583183

and https://bugzilla.redhat.com/show_bug.cgi?id=599168


for details.


Greetings

Markus Steinborn
GNU gv maintainer

Reply all
Reply to author
Forward
0 new messages