oss-sec mailing list archives
CVE request -- ghostscript
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Wed, 01 Apr 2009 21:43:47 +0200
Hello Steve, could you please allocate new CVE ids for the following two Ghostscript issues: 1, DoS (crash) in CCITTFax decoding filter References: https://bugzilla.redhat.com/show_bug.cgi?id=493442 https://bugzilla.redhat.com/show_bug.cgi?id=229174 -^ original report, so CVE-2007-XXXX will be needed https://bugzilla.redhat.com/show_bug.cgi?id=493442#c1 (PoC) 2, Buffer overflow in BaseFont writer module for pdfwrite defice References: https://bugzilla.redhat.com/show_bug.cgi?id=493445 http://bugs.ghostscript.com/show_bug.cgi?id=690211 -^ upstream bug report, so CVE-2008-XXXX will be needed http://svn.ghostscript.com/viewvc?view=rev&sortby=rev&revision=9304 (upstream patch) Thanks, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Current thread:
- CVE request -- ghostscript Jan Lieskovsky (Apr 01)
- Re: CVE request -- ghostscript Robert Buchholz (Apr 02)
- Re: CVE request -- ghostscript Jan Lieskovsky (Apr 02)
- Re: (Sort of urgent) CVE request -- ghostscript Jan Lieskovsky (Apr 08)
- Re: (Sort of urgent) CVE request -- ghostscript Steven M. Christey (Apr 08)
- Re: CVE request -- ghostscript Robert Buchholz (Apr 02)