Red Hat Product Errata RHSA-2009:0421 - Security Advisory

Issued:: 2009-04-14
Updated:: 2009-04-14

RHSA-2009:0421 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: ghostscript security update

Type/Severity

Security Advisory: Moderate

Topic

Updated ghostscript packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

Ghostscript is a set of software that provides a PostScript interpreter, a
set of C procedures (the Ghostscript library, which implements the graphics
capabilities in the PostScript language) and an interpreter for Portable
Document Format (PDF) files.

It was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not
address all possible integer overflow flaws in Ghostscript's International
Color Consortium Format library (icclib). Using specially-crafted ICC
profiles, an attacker could create a malicious PostScript or PDF file with
embedded images that could cause Ghostscript to crash or, potentially,
execute arbitrary code when opened. (CVE-2009-0792)

A buffer overflow flaw and multiple missing boundary checks were found in
Ghostscript. An attacker could create a specially-crafted PostScript or PDF
file that could cause Ghostscript to crash or, potentially, execute
arbitrary code when opened. (CVE-2008-6679, CVE-2007-6725, CVE-2009-0196)

Red Hat would like to thank Alin Rad Pop of Secunia Research for
responsibly reporting the CVE-2009-0196 flaw.

Users of ghostscript are advised to upgrade to these updated packages,
which contain backported patches to correct these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

Red Hat Enterprise Linux Server 5 x86_64
Red Hat Enterprise Linux Server 5 ia64
Red Hat Enterprise Linux Server 5 i386
Red Hat Enterprise Linux Server - Extended Update Support 5.3 x86_64
Red Hat Enterprise Linux Server - Extended Update Support 5.3 ia64
Red Hat Enterprise Linux Server - Extended Update Support 5.3 i386
Red Hat Enterprise Linux Workstation 5 x86_64
Red Hat Enterprise Linux Workstation 5 i386
Red Hat Enterprise Linux Desktop 5 i386
Red Hat Enterprise Linux for IBM z Systems 5 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.3 s390x
Red Hat Enterprise Linux for Power, big endian 5 ppc
Red Hat Enterprise Linux Server from RHUI 5 x86_64
Red Hat Enterprise Linux Server from RHUI 5 i386
Red Hat Enterprise Linux Server - AUS 5.3 x86_64
Red Hat Enterprise Linux Server - AUS 5.3 ia64
Red Hat Enterprise Linux Server - AUS 5.3 i386
Red Hat Enterprise Linux Desktop 5 x86_64
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.3 ppc

Fixes

BZ - 491853 - CVE-2009-0792 ghostscript, argyllcms: Incomplete fix for CVE-2009-0583
BZ - 493379 - CVE-2009-0196 ghostscript: Missing boundary check in Ghostscript's jbig2dec library
BZ - 493442 - CVE-2007-6725 ghostscript: DoS (crash) in CCITTFax decoding filter
BZ - 493445 - CVE-2008-6679 ghostscript: Buffer overflow in BaseFont writer module for pdfwrite defice

CVEs

References

http://www.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 5

SRPM
ghostscript-8.15.2-9.4.el5_3.7.src.rpm	SHA-256: d1d165c4ec67abca2ded176c30ba2e80947233bc4442de7b977643657717241d
x86_64
ghostscript-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: be427e3fea7ae09613d6b3b916e7c02a9abdade5b213ac8497a641f68eacd076
ghostscript-8.15.2-9.4.el5_3.7.x86_64.rpm	SHA-256: 1bbd82a7470fee97ad2dde95050fa9102e699de1b074b116b6422bc7cb7c25e9
ghostscript-devel-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: d40dddcefdb370ea67a337f871f8d6a8477ff63d6c69c3a06caaeda713b6340f
ghostscript-devel-8.15.2-9.4.el5_3.7.x86_64.rpm	SHA-256: 31cb21dee930576a24daae06917acb7c5934394951353618c75f173574d7af1e
ghostscript-gtk-8.15.2-9.4.el5_3.7.x86_64.rpm	SHA-256: 2f99620cb0a694e5a4a2d6a4ff4f2140be4e706b4dfe4a64cb5009fd0db14c1f
ia64
ghostscript-8.15.2-9.4.el5_3.7.ia64.rpm	SHA-256: 4725d9477c8c38fce17812fcea6d9bb4fc81e5fde375fd5b35f8a908c390b332
ghostscript-devel-8.15.2-9.4.el5_3.7.ia64.rpm	SHA-256: 4c2676b98d3ad2b885dfec2059db8c35b1f7e7c72ad5ed635840ace078e58dde
ghostscript-gtk-8.15.2-9.4.el5_3.7.ia64.rpm	SHA-256: d7dbeb9b89e462301fae2e0727fc104dcbfeb7d6d3dcf9eb0c35be803c0369c9
i386
ghostscript-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: be427e3fea7ae09613d6b3b916e7c02a9abdade5b213ac8497a641f68eacd076
ghostscript-devel-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: d40dddcefdb370ea67a337f871f8d6a8477ff63d6c69c3a06caaeda713b6340f
ghostscript-gtk-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: ed99cfda05f49d89ca47065cbd711f659421f13453a7464e8d26842ea474fc91

Red Hat Enterprise Linux Workstation 5

SRPM
ghostscript-8.15.2-9.4.el5_3.7.src.rpm	SHA-256: d1d165c4ec67abca2ded176c30ba2e80947233bc4442de7b977643657717241d
x86_64
ghostscript-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: be427e3fea7ae09613d6b3b916e7c02a9abdade5b213ac8497a641f68eacd076
ghostscript-8.15.2-9.4.el5_3.7.x86_64.rpm	SHA-256: 1bbd82a7470fee97ad2dde95050fa9102e699de1b074b116b6422bc7cb7c25e9
ghostscript-devel-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: d40dddcefdb370ea67a337f871f8d6a8477ff63d6c69c3a06caaeda713b6340f
ghostscript-devel-8.15.2-9.4.el5_3.7.x86_64.rpm	SHA-256: 31cb21dee930576a24daae06917acb7c5934394951353618c75f173574d7af1e
ghostscript-gtk-8.15.2-9.4.el5_3.7.x86_64.rpm	SHA-256: 2f99620cb0a694e5a4a2d6a4ff4f2140be4e706b4dfe4a64cb5009fd0db14c1f
i386
ghostscript-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: be427e3fea7ae09613d6b3b916e7c02a9abdade5b213ac8497a641f68eacd076
ghostscript-devel-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: d40dddcefdb370ea67a337f871f8d6a8477ff63d6c69c3a06caaeda713b6340f
ghostscript-gtk-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: ed99cfda05f49d89ca47065cbd711f659421f13453a7464e8d26842ea474fc91

Red Hat Enterprise Linux Desktop 5

SRPM
ghostscript-8.15.2-9.4.el5_3.7.src.rpm	SHA-256: d1d165c4ec67abca2ded176c30ba2e80947233bc4442de7b977643657717241d
x86_64
ghostscript-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: be427e3fea7ae09613d6b3b916e7c02a9abdade5b213ac8497a641f68eacd076
ghostscript-8.15.2-9.4.el5_3.7.x86_64.rpm	SHA-256: 1bbd82a7470fee97ad2dde95050fa9102e699de1b074b116b6422bc7cb7c25e9
ghostscript-gtk-8.15.2-9.4.el5_3.7.x86_64.rpm	SHA-256: 2f99620cb0a694e5a4a2d6a4ff4f2140be4e706b4dfe4a64cb5009fd0db14c1f
i386
ghostscript-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: be427e3fea7ae09613d6b3b916e7c02a9abdade5b213ac8497a641f68eacd076
ghostscript-gtk-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: ed99cfda05f49d89ca47065cbd711f659421f13453a7464e8d26842ea474fc91

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
ghostscript-8.15.2-9.4.el5_3.7.src.rpm	SHA-256: d1d165c4ec67abca2ded176c30ba2e80947233bc4442de7b977643657717241d
s390x
ghostscript-8.15.2-9.4.el5_3.7.s390.rpm	SHA-256: 335f20b3faa3a5a2c7b1171b43d62fe57c80bcc0c0797855d39b556cc3c8f3dc
ghostscript-8.15.2-9.4.el5_3.7.s390x.rpm	SHA-256: f4b165531fb529656081dc3ddc228d25bde86185ba494a5d148ab9dc153a7351
ghostscript-devel-8.15.2-9.4.el5_3.7.s390.rpm	SHA-256: 0458352acf37df6b922b20c110ed3de26913ecb0523a4fb8c2fe1208fb9fc185
ghostscript-devel-8.15.2-9.4.el5_3.7.s390x.rpm	SHA-256: 757074d697ebaad7983b8656688fc56b0ddc67c88cbad989af46be6e2f6ba843
ghostscript-gtk-8.15.2-9.4.el5_3.7.s390x.rpm	SHA-256: aa16e126b16caf9e760b545790884274deb927016b3da9e4c34328bdefa052b2

Red Hat Enterprise Linux for Power, big endian 5

SRPM
ghostscript-8.15.2-9.4.el5_3.7.src.rpm	SHA-256: d1d165c4ec67abca2ded176c30ba2e80947233bc4442de7b977643657717241d
ppc
ghostscript-8.15.2-9.4.el5_3.7.ppc.rpm	SHA-256: 180778733aad3745a12b01cfc00a686d3009260ce4b5f683747a826a00b90dc7
ghostscript-8.15.2-9.4.el5_3.7.ppc64.rpm	SHA-256: c4f04cdf5732aaef795b67e370a436357bf7abf9aa8576862731907986ba11a3
ghostscript-devel-8.15.2-9.4.el5_3.7.ppc.rpm	SHA-256: a24d63424a94adc4865b6c600ceb6f8ee9094d1c5a7aacf821319120e7f7d5ab
ghostscript-devel-8.15.2-9.4.el5_3.7.ppc64.rpm	SHA-256: 86a928c92850650672b68a7fb15a8b2ba8ce4f4b023ebf4c73a5b337e84f9e48
ghostscript-gtk-8.15.2-9.4.el5_3.7.ppc.rpm	SHA-256: 9e52dd4007b186c188d29aece80dc92d49ecb5e80ec47cd838ad094d468e6491

Red Hat Enterprise Linux Server from RHUI 5

SRPM
ghostscript-8.15.2-9.4.el5_3.7.src.rpm	SHA-256: d1d165c4ec67abca2ded176c30ba2e80947233bc4442de7b977643657717241d
x86_64
ghostscript-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: be427e3fea7ae09613d6b3b916e7c02a9abdade5b213ac8497a641f68eacd076
ghostscript-8.15.2-9.4.el5_3.7.x86_64.rpm	SHA-256: 1bbd82a7470fee97ad2dde95050fa9102e699de1b074b116b6422bc7cb7c25e9
ghostscript-devel-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: d40dddcefdb370ea67a337f871f8d6a8477ff63d6c69c3a06caaeda713b6340f
ghostscript-devel-8.15.2-9.4.el5_3.7.x86_64.rpm	SHA-256: 31cb21dee930576a24daae06917acb7c5934394951353618c75f173574d7af1e
ghostscript-gtk-8.15.2-9.4.el5_3.7.x86_64.rpm	SHA-256: 2f99620cb0a694e5a4a2d6a4ff4f2140be4e706b4dfe4a64cb5009fd0db14c1f
i386
ghostscript-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: be427e3fea7ae09613d6b3b916e7c02a9abdade5b213ac8497a641f68eacd076
ghostscript-devel-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: d40dddcefdb370ea67a337f871f8d6a8477ff63d6c69c3a06caaeda713b6340f
ghostscript-gtk-8.15.2-9.4.el5_3.7.i386.rpm	SHA-256: ed99cfda05f49d89ca47065cbd711f659421f13453a7464e8d26842ea474fc91

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories