summaryrefslogtreecommitdiff
path: root/meta/recipes-gnome/libnotify
diff options
context:
space:
mode:
authorCatalin Enache <catalin.enache@windriver.com>2017-04-21 15:04:17 +0300
committerRichard Purdie <richard.purdie@linuxfoundation.org>2017-04-28 11:26:07 +0100
commit6679a4d4379f6f18554ed0042546cce94d5d0b19 (patch)
tree3ed7a894be4cdda80a49cb3d565e479ee8dd93f4 /meta/recipes-gnome/libnotify
parent14abd767349bc868ca59838f1af3aaf17dfe4350 (diff)
downloadopenembedded-core-6679a4d4379f6f18554ed0042546cce94d5d0b19.tar.gz
openembedded-core-6679a4d4379f6f18554ed0042546cce94d5d0b19.tar.bz2
openembedded-core-6679a4d4379f6f18554ed0042546cce94d5d0b19.zip
ghostscript : CVE-2016-10219, CVE-2016-10220, CVE-2017-5951
The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file. The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file that is mishandled in the PDF Transparency module. The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10219 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10220 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5951 Upstream patches: http://git.ghostscript.com/?p=ghostpdl.git;h=4bef1a1d32e29b68855616020dbff574b9cda08f http://git.ghostscript.com/?p=ghostpdl.git;h=daf85701dab05f17e924a48a81edc9195b4a04e8 http://git.ghostscript.com/?p=ghostpdl.git;h=bfa6b2ecbe48edc69a7d9d22a12419aed25960b8 Signed-off-by: Catalin Enache <catalin.enache@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-gnome/libnotify')
0 files changed, 0 insertions, 0 deletions