An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format.
Source RPM: (none) => ghostpcl-10.0.0-2.mga9.src.rpmWhiteboard: (none) => MGA8TOOAssignee: bugsquad => nicolas.salgueroCC: (none) => nicolas.salguero
Suggested advisory: ======================== The updated packages fix a security vulnerability: An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format. (CVE-2023-38560) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38560 ======================== Updated package in 8/core/updates_testing: ======================== ghostpcl-9.53.3-2.1.mga8 from SRPM: ghostpcl-9.53.3-2.1.mga8.src.rpm Updated package in 9/core/updates_testing: ======================== ghostpcl-10.0.0-2.1.mga9 from SRPM: ghostpcl-10.0.0-2.1.mga9.src.rpm
Assignee: nicolas.salguero => qa-bugsStatus: NEW => ASSIGNED
MGA8-64 Xfce on Acer Aspire 5253 No installation issues Used sample file as indicated in bug 25780 Comment 2: $ gpcl6 sample.pcl End of page 1, press <enter> to continue. etc.... the file displays correctly page per page, OK.
CC: (none) => herman.viaeneWhiteboard: MGA8TOO => MGA8TOO MGA8-64-OK
MGA9-64 Plasma, i5-2500, Intel graphics, Acer 23.5-inch HD monitor. No installation issues. I still have the Kelly.pcl file I generated for bug 25780 comment 3, but when I tried Herman's command this is what I get: $ gpcl6 Kelly.pcl %%BoundingBox: 28 537 458 772 %%HiResBoundingBox: 28.560001 537.960021 457.440017 771.240029 End of page 1, press <enter> to continue. %%BoundingBox: 89 122 522 718 %%HiResBoundingBox: 89.880003 122.520005 521.760020 717.240027 End of page 2, press <enter> to continue. There was no display of the file at all. Results were similar with Herman's sample.pcl file, except it was 20 pages long. So, I tried another command, and this is what I got: $ pcl2pdfwr Kelly.pcl Kelly.pdf Usage for -d is -d<option>=[<integer>|<float>|null|true|false|name] So, either the commands have had major changes in this version, or something is very broken.
CC: (none) => andrewsfarm
TJ, Can you attach that file? I would like to have a look.
I'm not at that computer right now, but I will. I'm on my Probook 6550b at the moment, which has both MGA8-64 and MGA9-64 Plasma installs in a multi-boot situation. I can confirm that the gpcl6 command works properly with the newly downloaded sample.pcl file on MGA8, but does not on MGA9. In fact, the ghostpcl version originally shipped with MGA9 doesn't work, either.
Created attachment 13999 [details] An old letter in PCL format This is a 2002 letter and envelope to the outdoor writer of our local newspaper, speculating on the intelligence of deer hunters on opening day of gun season. The original letter would have been written using Microsoft Word in Windows 98SE. (I had only been using Mandrake for a short time, and would not have been comfortable using it for this kind of thing yet.) The writer has long since retired, the newspaper now has a different parent company, and the address has changed. But the question remains...
BTW, I'm aware that the letter includes my address. That's OK. I give my address out frequently. My business depends on me being easy to find.
Using TJ's file: $ gpcl6 Kelly.pcl End of page 1, press <enter> to continue. End of page 2, press <enter> to continue. Display is OK, no problems. I cann't see any reason to remove the OK.
OK for me too with Mageia 8. I'd be fine with sending the Mageia 8 update on its way. Mageia 9, however, is a different story. I can't get that to work at all. The original ghostpcl for Mageia 9 doesn't work for me, either. Nicolas, would it be possible to split this up, send the Mageia 8 update along, and just have a Mageia 9 bug?
I tried to fix the problem with ghostpcl for Mageia 9. Suggested advisory: ======================== The updated packages fix a security vulnerability: An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format. (CVE-2023-38560) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38560 ======================== Updated package in 8/core/updates_testing: ======================== ghostpcl-9.53.3-2.1.mga8 from SRPM: ghostpcl-9.53.3-2.1.mga8.src.rpm Updated package in 9/core/updates_testing: ======================== ghostpcl-10.0.0-2.2.mga9 from SRPM: ghostpcl-10.0.0-2.2.mga9.src.rpm
MGA9-64 Plasma. No installation issues. Tried the command again: $ gpcl6 Kelly.pcl End of page 1, press <enter> to continue. End of page 2, press <enter> to continue. Warning: Missing charsets in String to FontSet conversion Warning: Cannot convert string "-efont-biwidth-medium-r-normal--16-*-*-*-*-*-iso10646-1,-gnu-unifont-medium-r-normal--16-*-*-*-*-*-iso10646-1,-adobe-helvetica-medium-r-normal--14-*-*-*-*-*-*-*,-jis-fixed-medium-r-*--16-*-*-*-*-*-jisx0208.1983-0,-*-*-medium-r-*--16-*-*-*-*-*-*-*,*" to type FontSet I suspect the above warnings are due to the original being in an old Word format, with an old Windows font. The document was displayed, and was readable. $ pcl2pdfwr Kelly.pcl Kelly.pdf Kelly.pdf was created, with no warnings. Looks OK to me now. Validating. Advisory in comment 10.
Keywords: (none) => validated_updateWhiteboard: MGA8TOO MGA8-64-OK => MGA8TOO MGA8-64-OK MGA9-64-OKCC: (none) => sysadmin-bugs
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0267.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED