diff options
author | Catalin Enache <catalin.enache@windriver.com> | 2017-05-08 16:42:59 +0300 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-05-18 14:01:48 +0100 |
commit | 7bf386d5ffba1c8b130c3b77ea9a3fbbc5786afd (patch) | |
tree | 9d60231192e0682f7807580abc3c64964737d025 /meta/recipes-support/nspr | |
parent | e60319ddb056606fe27797f507c4e6d2e54f864b (diff) | |
download | poky-7bf386d5ffba1c8b130c3b77ea9a3fbbc5786afd.tar.gz |
ghostscript: CVE-2016-8602, CVE-2017-7975
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote
attackers to cause a denial of service (application crash) or possibly execute
arbitrary code via a crafted Postscript document that calls .sethalftone5 with an
empty operand stack.
Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because
of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c
during operations on a crafted JBIG2 file, leading to a denial of service (application
crash) or possibly execution of arbitrary code.
References:
https://nvd.nist.gov/vuln/detail/CVE-2016-8602
https://nvd.nist.gov/vuln/detail/CVE-2017-7975
Upstream patches:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=f5c7555c303
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5e57e483298
(From OE-Core rev: 8f919c2df47ca93132f21160d919b6ee2207d9a6)
Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/nspr')
0 files changed, 0 insertions, 0 deletions