openSUSE has issued an advisory on February 12: https://lists.opensuse.org/opensuse-updates/2018-02/msg00039.html The SUSE bug has a link to the upstream commit that fixed the issue: https://bugzilla.suse.com/show_bug.cgi?id=1032230 Mageia 5 and Mageia 6 are also affected.
Whiteboard: (none) => MGA6TOO
Status comment: (none) => Patches available from openSUSE and upstream
Assigning to all packagers collectively, since there is no registered maintainer for this package.
Assignee: bugsquad => pkg-bugsCC: (none) => marja11
CC: (none) => smelrorCVE: (none) => CVE-2016-10317Assignee: pkg-bugs => smelror
Advisory ======== This update fixes CVE-2016-10317. The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. References ========== https://nvd.nist.gov/vuln/detail/CVE-2016-10317 Files ===== The following files has been uploaded to core/updates_testing ghostscript-9.22-1.2.mga6 ghostscript-X-9.22-1.2.mga6 ghostscript-common-9.22-1.2.mga6 ghostscript-doc-9.22-1.2.mga6 ghostscript-dvipdf-9.22-1.2.mga6 ghostscript-module-X-9.22-1.2.mga6 from ghostscript-9.22-1.2.mga6.src.rpm
Version: Cauldron => 6Whiteboard: MGA6TOO => (none)Assignee: smelror => qa-bugs
Cauldron has been updated to ghostscript-9.22-3.mga7. Cheers, Stig
Mageia 6 :: x86_64 The ghostscript packages updated cleanly. Added whatever was missing. Examined a postscript file. $ gs tmp/abc-0.ps GPL Ghostscript 9.22 (2017-10-04) Copyright (C) 2017 Artifex Software, Inc. All rights reserved. This software comes with NO WARRANTY: see the file PUBLIC for details. Querying operating system for font files... Can't find (or can't open) font file /usr/share/ghostscript/9.22/Resource/Font/Gunplay3D. Can't find (or can't open) font file Gunplay3D. Loading Gunplay3D font from /usr/share/fonts/drakfont/tmp/tmp/gunplay3.ttf... 4323612 2917313 5752560 4394808 3 done. A page of labels was displayed. $ dvipdf docs/software/refcard.dvi refcard.pdf There were warnings that the output would be of poor quality but with $ xpdf refcard.pdf the quality looked pretty good. The result was a six page GNU Emacs Reference. Copied local type1 fontfiles *.{afm,pfb} to /usr/share/fonts/default/ghostscript/ and moved to that directory and ran $ sudo type1inst to generate the Fontmap, etc files needed for the next test. As user created a page of labels with various type1 fonts and printed it. $ lpr -Pokda tmp/abc-0.ps It looked fine both on the screen and on paper. Don't know what else can be done to test this. It looks good to me.
Whiteboard: (none) => MGA6-64-OKCC: (none) => tarazed25
Adding a Mageia 5 build for this update. (Same version/release just with mga5). Advisory: ======================== Updated ghostscript packages fix security vulnerability: The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document (CVE-2016-10317). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10317 https://lists.opensuse.org/opensuse-updates/2018-02/msg00039.html
Status comment: Patches available from openSUSE and upstream => (none)Severity: normal => majorWhiteboard: MGA6-64-OK => MGA5TOO MGA6-64-OK
Advisory committed to svn. Testing on Mageia 5 needed before validating.
CC: (none) => davidwhodginsKeywords: (none) => advisory
Mageia 5 -> x86_64, real hardware. (Athlon X2 7750, nvidia340 graphics, atheros wifi) Ghostscript and all other pending update packages installed cleanly. Downloaded a three-page sample file from the Web, containing both text and graphics. Loaded into GIMP, which I believe uses Ghostscript to render .ps files. File loaded as three layers, one for each page. Printed one page on an Officejet 6110 printer, looked good. Loaded into Okular, which I believe also uses Ghostscript to render .ps files. Printed two pages on a Deskjet 5650 printer, using duplexer. All looked good. I don't know how else to test this, either. Looks OK on MGA5.
CC: (none) => andrewsfarmWhiteboard: MGA5TOO MGA6-64-OK => MGA5TOO MGA6-64-OK MGA5-64-OK
@TJ comment 7: Just checked okular under Mageia 5 and can confirm that ghostscript is involved. cat trace | grep "ghost" | less stat("/usr/share/fonts/default/ghostscript", {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0 open("/usr/share/fonts/default/ghostscript", O_RDONLY|O_CLOEXEC) = 6 access("/usr/lib64/kde4/okularGenerator_ghostview.so", R_OK) = 0 stat("/usr/lib64/kde4/okularGenerator_ghostview.so", {st_mode=S_IFREG|0755, st_size=58880, ...}) = 0 and these calls were noted also: open("/lib64/libgs.so.9", O_RDONLY|O_CLOEXEC) = 12 open("/lib64/libgssapi_krb5.so.2", O_RDONLY|O_CLOEXEC) = 12 Validating the update.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
$ urpmq --requires-recursive okular | grep gs also shows lib64gs9.
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0142.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED