Test ID:	1.3.6.1.4.1.25623.1.0.67696
Category:	Fedora Local Security Checks
Title:	Fedora Core 12 FEDORA-2010-10660 (gv)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to gv announced via advisory FEDORA-2010-10660. Update Information: - Update to 3.7.1 to fix CVE-2010-2055 and CVE-2010-2056 - Disable international support to avoid segfault on exit ChangeLog: * Mon Jun 28 2010 Orion Poplawski 3.7.1-1 - Update to 3.7.1 - Disable international support to avoid segfault on exit until bug 587349 is fixed * Thu Jun 3 2010 Orion Poplawski 3.6.91-1 - Update to 3.6.91 to fix CVE-2010-2055 and CVE-2010-2056 * Mon Apr 26 2010 Orion Poplawski 3.6.9-1 - Update to 3.6.9 * Tue Mar 2 2010 Orion Poplawski 3.6.8-2 - Ship icon, update desktop file * Mon Dec 28 2009 Orion Poplawski 3.6.8-1 - Update to 3.6.8 References: [ 1 ] Bug #599621 - CVE-2010-2056 gv: Insecure (predictable) temporary file use https://bugzilla.redhat.com/show_bug.cgi?id=599621 [ 2 ] Bug #599564 - CVE-2010-2055 GhostScript: Honors files present in cwd at startup https://bugzilla.redhat.com/show_bug.cgi?id=599564 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update gv' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2010-10660 Risk factor : High CVSS Score: 7.2
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2055 20100522 Ghostscript 8.64 executes random code at startup http://www.securityfocus.com/archive/1/511433 20100526 Re: Ghostscript 8.64 executes random code at startup http://www.securityfocus.com/archive/1/511472 http://www.securityfocus.com/archive/1/511474 http://www.securityfocus.com/archive/1/511476 40452 http://secunia.com/advisories/40452 40475 http://secunia.com/advisories/40475 40532 http://secunia.com/advisories/40532 66247 http://www.osvdb.org/66247 ADV-2010-1757 http://www.vupen.com/english/advisories/2010/1757 FEDORA-2010-10642 http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043948.html FEDORA-2010-10660 http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043913.html GLSA-201412-17 http://security.gentoo.org/glsa/glsa-201412-17.xml RHSA-2012:0095 https://rhn.redhat.com/errata/RHSA-2012-0095.html SUSE-SR:2010:014 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583183 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583316 http://bugs.ghostscript.com/show_bug.cgi?id=691339 http://bugs.ghostscript.com/show_bug.cgi?id=691350 http://savannah.gnu.org/forum/forum.php?forum_id=6368 https://bugzilla.novell.com/show_bug.cgi?id=608071 https://bugzilla.redhat.com/show_bug.cgi?id=599564 Common Vulnerability Exposure (CVE) ID: CVE-2010-2056 66249 http://www.osvdb.org/66249 https://bugzilla.redhat.com/show_bug.cgi?id=599621
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.