paul Posted July 15, 2010 Report Share Posted July 15, 2010 A vulnerability has been found and corrected in ghostscript: Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter (CVE-2010-1628). As a precaution ghostscriptc has been rebuilt to link against the system libpng library which was fixed with MDVSA-2010:133 The updated packages have been patched to correct this issue. Link to comment Share on other sites More sharing options...
Recommended Posts