ghostscript: fix CVE-2023-38559 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Archana Polampalli <archana.polampalli@windriver.com>	2023-08-10 10:23:53 +0000
committer	Steve Sakoman <steve@sakoman.com>	2023-08-19 05:56:58 -1000
commit	8e90df16f5d7aa300d1379b4ed0faf06758f632d (patch)
tree	d61ffe498dfc8cf1ca995e005e221b9f051baa91 /scripts/lib/devtool/package.py
parent	ab548842efd4d4e238880a88ac9de5ddb7d27798 (diff)
download	poky-8e90df16f5d7aa300d1379b4ed0faf06758f632d.tar.gz

ghostscript: fix CVE-2023-38559

A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs. Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-38559 Upstream patch: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d81b82c70bc1fb9991bb95f1201abb5dea55f57f (From OE-Core rev: e77c0b35969ae690b390ffae682fd6552ff8aff8) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/lib/devtool/package.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: