UbuntuUpdates.org

Bugs fixes in "ghostscript"

Origin Bug number Title Date fixed
CVE CVE-2021-45949 Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). 2022-01-12
CVE CVE-2021-45944 Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp). 2022-01-12
CVE CVE-2021-45949 Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). 2022-01-12
CVE CVE-2021-45944 Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp). 2022-01-12
CVE CVE-2021-45949 Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). 2022-01-12
CVE CVE-2021-45944 Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp). 2022-01-12
Launchpad 1913656 `gs [options] -- \u003cinput_file\u003e` fails with \ 2021-11-25
Launchpad 1913656 `gs [options] -- \u003cinput_file\u003e` fails with \ 2021-11-17
CVE CVE-2021-3781 Include device specifier strings in access validation 2021-09-10
CVE CVE-2021-3781 Include device specifier strings in access validation 2021-09-10
CVE CVE-2020-27845 There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conver 2021-01-07
CVE CVE-2020-27843 A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encodin 2021-01-07
CVE CVE-2020-27842 There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg coul 2021-01-07
CVE CVE-2020-27841 There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by t 2021-01-07
CVE CVE-2020-27824 global-buffer-overflow read in lib-openjp2 2021-01-07
CVE CVE-2020-8112 opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different 2021-01-07
CVE CVE-2020-6851 OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimen 2021-01-07
CVE CVE-2018-5727 In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage thi 2021-01-07
CVE CVE-2020-27845 There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conver 2021-01-07
CVE CVE-2020-27843 A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encodin 2021-01-07



About   -   Send Feedback to @ubuntu_updates