[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180906125252.tfsfzfp2af3ztl3j@suse.de>
Date: Thu, 6 Sep 2018 14:52:52 +0200
From: Marcus Meissner <meissner@...e.de>
To: oss-security@...ts.openwall.com, taviso@...gle.com
Subject: Re: Re: More Ghostscript Issues: Should we disable PS
coders in policy.xml by default?
Hi,
Following CVEs have been assigned by Mitre:
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ea735ba37dc0fd5f5622d031830b9a559dec1cc9
> # 699671
> handling /undefined results in SEGV
CVE-2018-16510
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0edd3d6c63
> # 699659 missing type check in ztype
CVE-2018-16511
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=78911a01b6 #
> 699654 A /invalidaccess checks stop working after a failed restore
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5516c614dc33 #
> 699654 B /invalidaccess checks stop working after a failed restore
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=79cccf641486 #
> 699654 C /invalidaccess checks stop working after a failed restore
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=520bb0ea7519aa3e79db78aaf0589dae02103764
> 699654 D /invalidaccess checks stop working after a failed restore
CVE-2018-16509
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b326a716
> # 699655 - missing type checking in setcolor
CVE-2018-16513
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=c3476dde
> # 699656 - LockDistillerParams boolean missing type checks
CVE-2018-15910
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a054156d42
> # 699658 - Bypassing PermitFileReading by handling undefinedfilename errors
CVE-2018-16539
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0b6cd1918e1ec4ffd087400a754a845180a4522b
> # 699660 - shading_param incomplete type checking
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=e01e77a36cbb2e0277bc3a63852244bec41be0f6
> # 699660 - shading_param incomplete type checking
CVE-2018-15909
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=c432131c3f
> # 699661 - pdf14 garbage collection memory corruption
CVE-2018-16540
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=971472c83a345a16dac9f90f91258bb22dd77f22
> # 699663 - .setdistillerkeys memory corruption
CVE Requested (this morning, will be assigned in some hours I expect)
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=241d911127
> # 699664 - corrupt device object after error in job
CVE-2018-16541
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0d3901189f
> # 699657 - .tempfile SAFER restrictions seem to be broken
CVE-2018-15908
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=8e9ce5016db968b40e4ec255a3005f2786cce45f
> # 699665 - memory corruption in aesdecode
CVE-2018-15911
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b575e1ec42
> # 699668 - .definemodifiedfont memory corruption if /typecheck is handled
CVE-2018-16542
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5b5536fa88a9e885032bc0df3852c3439399a5c0
> # 699670 gssetresolution memory corruption
CVE-2018-16543
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ea735ba37dc0fd5f5622d031830b9a559dec1cc9
> # 699671 handling /undefined results in SEGV
> http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ea735ba37dc0fd5f5622d031830b9a559dec1cc9
> # 699676 PDF interpreter can leave dangerous operators available
As its the same commit, I assume it is also covered by CVE-2018-16510 from bug 699671?
I have not yet requested the current issue(s) you spotted.
Ciao, Marcus
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
