| Summary: | ghostscript new security issue CVE-2023-46751 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Nicolas Salguero <nicolas.salguero> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | andrewsfarm, fri, ghibomgx, herman.viaene, mageia, marja11, sysadmin-bugs |
| Version: | 9 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA9-64-OK | ||
| Source RPM: | ghostscript-10.00.0-6.3.mga9.src.rpm | CVE: | CVE-2023-46751 |
| Status comment: | Packages in commen#3 | ||
|
Description
Nicolas Salguero
2023-12-12 17:43:54 CET
Nicolas Salguero
2023-12-12 17:44:34 CET
Source RPM:
(none) =>
ghostscript-10.00.0-6.3.mga9.src.rpm
Nicolas Salguero
2023-12-12 17:48:20 CET
Assignee:
bugsquad =>
nicolas.salguero Suggested advisory: ======================== The updated packages fix a security vulnerability: An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. (CVE-2023-46751) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46751 https://ubuntu.com/security/notices/USN-6551-1 ======================== Updated packages in core/updates_testing: ======================== ghostscript-10.00.0-6.4.mga9 ghostscript-X-10.00.0-6.4.mga9 ghostscript-common-10.00.0-6.4.mga9 ghostscript-doc-10.00.0-6.4.mga9 ghostscript-dvipdf-10.00.0-6.4.mga9 ghostscript-module-X-10.00.0-6.4.mga9 lib64gs10-10.00.0-6.4.mga9 lib64gs-devel-10.00.0-6.4.mga9 lib64ijs1-0.35-173.3.mga9 lib64ijs-devel-0.35-173.3.mga9 from SRPM: ghostscript-10.00.0-6.4.mga9.src.rpm Assignee:
nicolas.salguero =>
qa-bugs
Marja Van Waes
2023-12-13 12:04:01 CET
CVE:
(none) =>
CVE-2023-46751 Advisory from comment 1 added to SVN. Please remove the "advisory" keyword if it needs to be changed. It also helps when obsolete advisories are tagged as "obsolete" Keywords:
(none) =>
advisory Suggested advisory: ======================== The updated packages fix a security vulnerability: An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. (CVE-2023-46751) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46751 https://ubuntu.com/security/notices/USN-6551-1 ======================== Updated packages in core/updates_testing: ======================== ghostscript-10.00.0-6.4.mga9 ghostscript-X-10.00.0-6.4.mga9 ghostscript-common-10.00.0-6.4.mga9 ghostscript-doc-10.00.0-6.4.mga9 ghostscript-dvipdf-10.00.0-6.4.mga9 ghostscript-module-X-10.00.0-6.4.mga9 lib(64)gs10-10.00.0-6.4.mga9 lib(64)gs-devel-10.00.0-6.4.mga9 lib(64)ijs1-0.35-173.4.mga9 lib(64)ijs-devel-0.35-173.4.mga9 from SRPM: ghostscript-10.00.0-6.4.mga9.src.rpm
katnatek
2023-12-13 23:06:57 CET
Status comment:
(none) =>
Packages in commen#3 Tested on Real Hardware Mageia 9 x86_64 In current version, open a pdf with gs filepdf.pdf The pdf open in a window, resize the window and the image in current page is repeated 6 times Update to testing versions without issues Open same pdf with gs filepdf.pdf The pdf open in a window, resize the window and the image in current page is repeated 6 times Not found POC, don't know what more test Confirm that the behavior as described in Comment 4 still exists in the test versions. CC:
(none) =>
herman.viaene As comment#4 is not a regression, I set the OK, maybe we must open a new bug once this packages become official updates Whiteboard:
(none) =>
MGA9-64-OK
PC LX
2023-12-15 02:25:23 CET
CC:
(none) =>
mageia I also see the problem described in comment 4 but it the duplication of content seem not limited - on my 4kScreen i could get 5 copies i width, two in height. Maybe not a bug, but as designed. Should be checked on other systems or with upstream before making a bug. CC:
(none) =>
fri Wouldn't be easier to backport just ghostscript 10.02.1 to mga9 which already includes the fixes? I'm using it locally since a while, without problems. CC:
(none) =>
ghibomgx To me, backport seem logical. I'd be OK with that. But you still need a new bug for the backport request. Validating this one, to get this security fix out. CC:
(none) =>
andrewsfarm, sysadmin-bugs (In reply to Thomas Andrews from comment #10) > I'd be OK with that. But you still need a new bug for the backport request. > > Validating this one, to get this security fix out. Sorry, I mistyped, it's not a backport request, but a suggestions to use directly the ghostscript 10.02.1 as version for core/updates, that already include the fixes (and also other improvements) and thus avoiding to backport the single security patches. From what I could test 10.02.1 worked flawlessly (and seems even better than the original 10.00.0), and shouldn't have break the API. (In reply to Giuseppe Ghibò from comment #11) > (In reply to Thomas Andrews from comment #10) > > > I'd be OK with that. But you still need a new bug for the backport request. > > > > Validating this one, to get this security fix out. > > Sorry, I mistyped, it's not a backport request, but a suggestions to use with "backport request" I thought request for "core/backports", which is not what I intended. OK, I see. So, suppose I leave the validation to get the security patch out - as long as it's here, tested, and ready - and you file a new bug to update to 10.02.1 for the bugfixes? Does that make sense to you? (In reply to Thomas Andrews from comment #13) > OK, I see. > > So, suppose I leave the validation to get the security patch out - as long > as it's here, tested, and ready - and you file a new bug to update to > 10.02.1 for the bugfixes? > > Does that make sense to you? Yes, if the bug is resolved we can validate this one and keep 10.02.1 for next rounds. With the 10.02.1 indeed I never saw the multiple pages as reported on comment 4. An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0351.html Status:
ASSIGNED =>
RESOLVED |