Opened 14 years ago

Closed 14 years ago

#2488 closed defect (fixed)

ESP Ghostscript security issue

Reported by: Randy McMurchy Owned by: blfs-book@…
Priority: high Milestone: 6.3
Component: BOOK Version: SVN
Severity: major Keywords:
Cc:

Description

Alexander wrote in BLFS-Dev:

Randy McMurchy wrote:

The short answer is that ESP GS will probably stay in the book as is until after BLFS-6.3 has been released.

Even though my FreeBSD installation received a security advisory (stack-based buffer overflow) against a newer (8.61) GPL version of Ghostscript? See http://scary.beasts.org/security/CESA-2008-001.html, it applies to Linux, too.

There's a patch that is reported to fix it. This patch should be tested and implemented into the book if it works as expected.

Here is the patch (from http://bugs.gentoo.org/attachment.cgi?id=143467):

--- src/zicc.c +++ src/zicc.c 2008-02-05 16:11:59.000000000 +0000 @@ -77,6 +77,9 @@ zseticcspace(i_ctx_t * i_ctx_p)

dict_find_string(op, "N", &pnval); ncomps = pnval->value.intval;

+ if (2*ncomps > sizeof(range_buff)/sizeof(float)) + return_error(e_rangecheck); +

/* verify the DataSource entry */ if (dict_find_string(op, "DataSource", &pstrmval) <= 0)

return_error(e_undefined);

Change History (1)

comment:1 by Randy McMurchy, 14 years ago

Resolution: fixed
Status: newclosed

Added the patch to the ESP Ghostscript instructions. Thanks Alexander!

Note: See TracTickets for help on using tickets.