registry team mailing list archive

Thread
Date

[Bug 546009] Re: Multiple memory corruption vulnerabilities in Ghostscript

To: registry@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <546009@xxxxxxxxxxxxxxxxxx>
Date: Tue, 13 Jul 2010 18:04:33 -0000
Reply-to: Bug 546009 <546009@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package ghostscript - 8.71.dfsg.1-0ubuntu5.2

---------------
ghostscript (8.71.dfsg.1-0ubuntu5.2) lucid-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via unlimited recursive
    procedure invocations (LP: #546009)
    - debian/patches/CVE-2010-1628.dpatch: only initialize structures if
      all allocations were successful in psi/ialloc.c, psi/idosave.h,
      psi/isave.c.
    - CVE-2010-1628
 -- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx>   Fri, 09 Jul 2010 08:06:19 -0400

** Changed in: ghostscript (Ubuntu)
       Status: Confirmed => Fix Released

-- 
Multiple memory corruption vulnerabilities in Ghostscript
https://bugs.launchpad.net/bugs/546009
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for GS-GPL.