FEDORA-2016-94bdf707d4 — security update for ghostscript

unpushed

ghostscript-9.16-5.fc23

FEDORA-2016-94bdf707d4 created by dkaspar 8 years ago for Fedora 23

Security fix for BZ #1380415.

IMPORTANT NOTE: This release of ghostscript is without OpenJPEG support. The support had to be temporarily disabled in order to deliver the security fix.

The support for OpenJPEG will be re-enabled as soon as possible.

You can test if your system is vulnerable by these steps:

Download the bash script for testing:
```
wget https://goo.gl/eyzZvG
```
Optional - check the validity of the script:
```
md5 ./bz1380415-test.sh
```
[md5 hash of the script - 4ae552b75bc30e21ff066603a911b5fe]

Make the script executable & run it:

chmod +x ./bz1380415-test.sh && ./bz1380415-test.sh

This update has been submitted for testing by dkaspar.

8 years ago

dkaspar edited this update.

8 years ago

This update has been pushed to testing.

8 years ago

dkaspar commented 8 years ago

This update has been unpushed.

Please log in to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

None

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

disabled

Thresholds

Minimum Karma

Minimum Testing

7 days

Dates

submitted

8 years ago

in testing

8 years ago

modified

8 years ago

Builds

ghostscript-9.16-5.fc23

BZ#1380415 CVE-2016-7977 ghostscript: .libfile does not honor -dSAFER

BZ#1380416 ghostscript: .libfile does not honor -dSAFER [fedora-all]

ghostscript-9.16-5.fc23

Automated Test Results

None