USN-4686-1: Ghostscript vulnerabilities
7 January 2021
Several security issues were fixed in Ghostscript.
Releases
Packages
- ghostscript - PostScript and PDF interpreter
Details
It was discovered that Ghostscript incorrectly handled certain image
files. If a user or automated system were tricked into processing a
specially crafted file, a remote attacker could use this issue to cause
Ghostscript to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04
Ubuntu 16.04
In general, a standard system update will make all the necessary changes.
Related notices
- USN-4685-1: libopenjp2-7, libopenjpip7, libopenjpip-dec-server, libopenjp2-7-dev, libopenjpip-viewer, libopenjp3d7, openjpeg2, libopenjp2-tools, libopenjpip-server, libopenjp3d-tools
- USN-5952-1: libopenjp2-7, libopenjpip7, libopenjpip-dec-server, libopenjp2-7-dev, libopenjpip-viewer, libopenjp3d7, openjpeg2, libopenjp2-tools, libopenjpip-server, libopenjp3d-tools
- USN-4880-1: libopenjp2-7, libopenjpip7, libopenjpip-dec-server, libopenjp2-7-dev, libopenjpip-viewer, libopenjp3d7, openjpeg2, libopenjp2-tools, libopenjpip-server, libopenjp3d-tools
- USN-4497-1: libopenjp2-7, libopenjpip7, libopenjpip-dec-server, libopenjp2-7-dev, libopenjpip-viewer, libopenjp3d7, openjpeg2, libopenjp2-tools, libopenjpip-server, libopenjp3d-tools
- USN-5664-1: openjpip-dec-server, openjpeg, openjpip-server, libopenjpeg-dev, openjpip-viewer, openjpip-viewer-xerces, libopenjpeg-java, libopenjpeg5, openjpeg-tools
- USN-4782-1: libopenjp2-7, libopenjpip7, libopenjpip-dec-server, libopenjp2-7-dev, libopenjpip-viewer, libopenjp3d7, openjpeg2, libopenjp2-tools, libopenjpip-server, libopenjp3d-tools