oem-qa team mailing list archive

Thread
Date

[Bug 352920] Re: Update ghostscript to version 8.61.dfsg.1-1ubuntu3.1

To: oem-qa@xxxxxxxxxxxxxxxxxxx
From: Brian Chidester <brian.chidester@xxxxxxxxxxxxx>
Date: Mon, 06 Apr 2009 19:55:34 -0000
Reply-to: Bug 352920 <352920@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: dell-mini
       Status: New => Confirmed

-- 
Update ghostscript to version 8.61.dfsg.1-1ubuntu3.1
https://bugs.launchpad.net/bugs/352920
You received this bug notification because you are a member of OEM
Services QA, which is subscribed to The Dell Mini Project.

Status in Dell Inspiron Mini with Custom Dell UI: Confirmed

Bug description:
OpenSSL is currently in version 8.61.dfsg.1-1ubuntu3. in dell-mini-hardy. It should be update to version 8.61.dfsg.1-1ubuntu3.1 to fix several security vulnerabilities. Generic hardy has been already been patched.



ghostscript (8.61.dfsg.1-1ubuntu3.1) hardy-security; urgency=low

  * SECURITY UPDATE: Arbitrary code execution due to integer overflows and
    insufficient upper-bounds checks in the ICC library
    - debian/patches/32_CVE-2009-0583_0584.dpatch: fix multiple integer
      overflows and perform bounds checking in icclib/icc.c.
    - CVE-2009-0583
    - CVE-2009-0584

 -- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx>  Mon, 23 Mar 2009 07:46:37 -0400