|
Message-ID: <20180906125252.tfsfzfp2af3ztl3j@suse.de> Date: Thu, 6 Sep 2018 14:52:52 +0200 From: Marcus Meissner <meissner@...e.de> To: oss-security@...ts.openwall.com, taviso@...gle.com Subject: Re: Re: More Ghostscript Issues: Should we disable PS coders in policy.xml by default? Hi, Following CVEs have been assigned by Mitre: > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ea735ba37dc0fd5f5622d031830b9a559dec1cc9 > # 699671 > handling /undefined results in SEGV CVE-2018-16510 > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0edd3d6c63 > # 699659 missing type check in ztype CVE-2018-16511 > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=78911a01b6 # > 699654 A /invalidaccess checks stop working after a failed restore > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5516c614dc33 # > 699654 B /invalidaccess checks stop working after a failed restore > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=79cccf641486 # > 699654 C /invalidaccess checks stop working after a failed restore > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=520bb0ea7519aa3e79db78aaf0589dae02103764 > 699654 D /invalidaccess checks stop working after a failed restore CVE-2018-16509 > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b326a716 > # 699655 - missing type checking in setcolor CVE-2018-16513 > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=c3476dde > # 699656 - LockDistillerParams boolean missing type checks CVE-2018-15910 > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a054156d42 > # 699658 - Bypassing PermitFileReading by handling undefinedfilename errors CVE-2018-16539 > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0b6cd1918e1ec4ffd087400a754a845180a4522b > # 699660 - shading_param incomplete type checking > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=e01e77a36cbb2e0277bc3a63852244bec41be0f6 > # 699660 - shading_param incomplete type checking CVE-2018-15909 > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=c432131c3f > # 699661 - pdf14 garbage collection memory corruption CVE-2018-16540 > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=971472c83a345a16dac9f90f91258bb22dd77f22 > # 699663 - .setdistillerkeys memory corruption CVE Requested (this morning, will be assigned in some hours I expect) > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=241d911127 > # 699664 - corrupt device object after error in job CVE-2018-16541 > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0d3901189f > # 699657 - .tempfile SAFER restrictions seem to be broken CVE-2018-15908 > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=8e9ce5016db968b40e4ec255a3005f2786cce45f > # 699665 - memory corruption in aesdecode CVE-2018-15911 > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b575e1ec42 > # 699668 - .definemodifiedfont memory corruption if /typecheck is handled CVE-2018-16542 > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5b5536fa88a9e885032bc0df3852c3439399a5c0 > # 699670 gssetresolution memory corruption CVE-2018-16543 > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ea735ba37dc0fd5f5622d031830b9a559dec1cc9 > # 699671 handling /undefined results in SEGV > http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ea735ba37dc0fd5f5622d031830b9a559dec1cc9 > # 699676 PDF interpreter can leave dangerous operators available As its the same commit, I assume it is also covered by CVE-2018-16510 from bug 699671? I have not yet requested the current issue(s) you spotted. Ciao, Marcus
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.