[Secure-testing-team] Bug#584047: grace: Security bugs in ghostscript

[Paul Szabo]

Package: grace
Severity: grave
Tags: security
Justification: user security hole


Subject: Security bugs in ghostscript

Please note remote execute-any-code security bugs in ghostscript:

  http://bugs.debian.org/583183

This package suggests ghostscript, and may be affected. Please
evaluate the security of this package, and fix if needed.

Thanks,

Paul Szabo   psz at maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia


-- System Information:
Debian Release: 5.0.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-pk03.17-svr (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages grace depends on:
pn  fftw2 | fftw2 <none>                     (no description available)
ii  gsfonts       1:8.11+urwcyr1.0.7~pre44-3 Fonts for the Ghostscript interpre
pn  lesstif1      <none>                     (no description available)
ii  libc6         2.7-18lenny2               GNU C Library: Shared libraries
ii  libjpeg62     6b-14                      The Independent JPEG Group's JPEG 
pn  libpng2       <none>                     (no description available)
pn  libtiff3g     <none>                     (no description available)
pn  netcdfg3      <none>                     (no description available)
pn  t1lib1        <none>                     (no description available)
pn  xlibs         <none>                     (no description available)
pn  xmhtml1       <none>                     (no description available)
ii  zlib1g        1:1.2.3.3.dfsg-12          compression library - runtime

grace recommends no packages.

grace suggests no packages.