-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3838-1 security@xxxxxxxxxx https://www.debian.org/security/ Salvatore Bonaccorso April 28, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ghostscript CVE ID : CVE-2016-10219 CVE-2016-10220 CVE-2017-5951 CVE-2017-7207 CVE-2017-8291 Debian Bug : 858350 859666 859694 859696 861295 Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution of arbitrary code or denial of service if a specially crafted Postscript file is processed. For the stable distribution (jessie), these problems have been fixed in version 9.06~dfsg-2+deb8u5. For the unstable distribution (sid), these problems have been fixed in version 9.20~dfsg-3.1 or earlier versions. We recommend that you upgrade your ghostscript packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlkDK7FfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Sy2A/+NRPzrRNkijdWTdHNqNT81bZ1Rodg0+gbHFlZ5z867x+A2G7qlYLfJhcS dkdHG50ANakgqPVkjy4bdIeakFerlHmlVVGUfiVD5MGPblBKWYL1Er4wybhW2ucs ATmOOKrxjzD8lRCwgxN2LLgdAJn0o51KZJYYxu1QQsRMlR1LqmfOJwQlhHck/9eC WMXTojqIzamgUHOe8CInu7j7dZofHHGnjPGQqbCUBF3/2/y7IxN5JwsiSpsQTnPC /KeRcGa2t+fILdM63cahPk+bGivECeXKql9gF8087z5iDR53+uPqubW6GF/OFEpS 2AdT05Mttx6gyiJtAgzFW6Fmv1CH1xynYnsi8e9YhRaDfW7L0/l+fHraHDNrMDnS IqKPpVUqxjXFNWwKVU6XlP6WEaZvUacU5VUjKd+4pIBkplIx0teQ6t4QPsnMM106 FEO3ob4/2uXICWwdVK/HGAA083boSdpJ1fij9lR1AXflvth2gv5vIfIqHTgeA+uU MyK5O0hKpKaWYRW5eIUtLA3/woPnXI75LSZemYSw4hrauPGoVWgs0gPtxpPhCLZM SW3sP+jRY7LCoAG/uvW+CRnBhcbkjbMZUK9PfpCE+Fgae/T1kxkNtUXEVjoho7vx PAWRr5RaLFusbPlExP34C9mRnbBM3VPUJcTJn8hguKz2tjmkCfY= =usrs -----END PGP SIGNATURE-----