Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2019-0188)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2019.0188

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2019-0188)

Resumen: The remote host is missing an update for the 'ghostscript' package(s) announced via the MGASA-2019-0188 advisory.

Descripción: Summary:
The remote host is missing an update for the 'ghostscript' package(s) announced via the MGASA-2019-0188 advisory.

Vulnerability Insight:
It was found that in ghostscript some privileged operators remained
accessible from various places after the CVE-2019-6116 fix. A specially
crafted PostScript file could use this flaw in order to, for example,
have access to the file system outside of the constrains imposed by
-dSAFER. Ghostscript versions before 9.28 are vulnerable. (CVE-2019-3839)

Affected Software/OS:
'ghostscript' package(s) on Mageia 6.

Solution:
Please install the updated package(s).

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-3839
Bugtraq: 20190512 [SECURITY] [DSA 4442-1] ghostscript security update (Google Search)
https://seclists.org/bugtraq/2019/May/23
Debian Security Information: DSA-4442 (Google Search)
https://www.debian.org/security/2019/dsa-4442
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZP34D27RKYV2POJ3NJLSVCHUA5V5C45A/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6AATIHU32MYKUOXQDJQU4X4DDVL7NAY3/
https://lists.debian.org/debian-lts-announce/2019/05/msg00023.html
RedHat Security Advisories: RHSA-2019:0971
https://access.redhat.com/errata/RHSA-2019:0971
RedHat Security Advisories: RHSA-2019:1017
https://access.redhat.com/errata/RHSA-2019:1017
SuSE Security Announcement: openSUSE-SU-2019:2222 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00090.html
SuSE Security Announcement: openSUSE-SU-2019:2223 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html
https://usn.ubuntu.com/3970-1/

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2019.0188
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2019-0188)
Resumen:	The remote host is missing an update for the 'ghostscript' package(s) announced via the MGASA-2019-0188 advisory.
Descripción:	Summary: The remote host is missing an update for the 'ghostscript' package(s) announced via the MGASA-2019-0188 advisory. Vulnerability Insight: It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript versions before 9.28 are vulnerable. (CVE-2019-3839) Affected Software/OS: 'ghostscript' package(s) on Mageia 6. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-3839 Bugtraq: 20190512 [SECURITY] [DSA 4442-1] ghostscript security update (Google Search) https://seclists.org/bugtraq/2019/May/23 Debian Security Information: DSA-4442 (Google Search) https://www.debian.org/security/2019/dsa-4442 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZP34D27RKYV2POJ3NJLSVCHUA5V5C45A/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6AATIHU32MYKUOXQDJQU4X4DDVL7NAY3/ https://lists.debian.org/debian-lts-announce/2019/05/msg00023.html RedHat Security Advisories: RHSA-2019:0971 https://access.redhat.com/errata/RHSA-2019:0971 RedHat Security Advisories: RHSA-2019:1017 https://access.redhat.com/errata/RHSA-2019:1017 SuSE Security Announcement: openSUSE-SU-2019:2222 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00090.html SuSE Security Announcement: openSUSE-SU-2019:2223 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html https://usn.ubuntu.com/3970-1/
Copyright	Copyright (C) 2022 Greenbone AG