[Secure-testing-team] Bug#584052: kdelibs4c2a: Security bugs in ghostscript
Paul Szabo
paul.szabo at sydney.edu.au
Tue Jun 1 01:29:46 UTC 2010
Package: kdelibs4c2a
Version: 4:3.5.10.dfsg.1-0lenny4
Severity: grave
Tags: security
Justification: user security hole
Please note remote execute-any-code security bugs in ghostscript:
http://bugs.debian.org/583183
This package suggests ghostscript, and may be affected. Please
evaluate the security of this package, and fix if needed.
Thanks,
Paul Szabo psz at maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia
-- System Information:
Debian Release: 5.0.4
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-pk03.17-svr (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash
Versions of packages kdelibs4c2a depends on:
ii kdelibs-data 4:3.5.10.dfsg.1-0lenny4 core shared data for all KDE appli
ii libacl1 2.2.47-2 Access control list shared library
ii libart-2.0-2 2.3.20-2 Library of functions for 2D graphi
ii libarts1c2a 1.5.9-2 aRts sound system core components
ii libasound2 1.0.16-2 ALSA library
ii libaspell15 0.60.6-1 GNU Aspell spell-checker runtime l
ii libattr1 1:2.4.43-2 Extended attribute shared library
ii libavahi-client 0.6.23-3lenny1 Avahi client library
ii libavahi-common 0.6.23-3lenny1 Avahi common library
ii libavahi-qt3-1 0.6.23-3lenny1 Avahi Qt 3 integration library
ii libbz2-1.0 1.0.5-1 high-quality block-sorting file co
ii libc6 2.7-18lenny2 GNU C Library: Shared libraries
ii libcups2 1.3.8-1+lenny8 Common UNIX Printing System(tm) -
ii libfam0 2.7.0-13.3+lenny1 Client library to control the FAM
ii libfontconfig1 2.6.0-3 generic font configuration library
ii libgcc1 1:4.3.2-1.1 GCC support library
ii libice6 2:1.0.4-1 X11 Inter-Client Exchange library
ii libidn11 1.8+20080606-1 GNU libidn library, implementation
ii libilmbase6 1.0.1-2+nmu2 several utility libraries from ILM
ii libjasper1 1.900.1-5.1+lenny1 The JasPer JPEG-2000 runtime libra
ii libjpeg62 6b-14 The Independent JPEG Group's JPEG
ii libkrb53 1.6.dfsg.4~beta1-5lenny4 MIT Kerberos runtime libraries
ii liblua50 5.0.3-3 Main interpreter library for the L
ii liblualib50 5.0.3-3 Extension library for the Lua 5.0
ii libopenexr6 1.6.1-3+lenny3 runtime files for the OpenEXR imag
ii libpcre3 7.6-2.1 Perl 5 Compatible Regular Expressi
ii libqt3-mt 3:3.3.8b-5+b1 Qt GUI Library (Threaded runtime v
ii libsm6 2:1.0.3-2 X11 Session Management library
ii libstdc++6 4.3.2-1.1 The GNU Standard C++ Library v3
ii libtiff4 3.8.2-11.2 Tag Image File Format (TIFF) libra
ii libx11-6 2:1.1.5-2 X11 client-side library
ii libxext6 2:1.0.4-1 X11 miscellaneous extension librar
ii libxft2 2.1.12-3 FreeType-based font drawing librar
ii libxml2 2.6.32.dfsg-5+lenny1 GNOME XML library
ii libxrender1 1:0.9.4-2 X Rendering Extension client libra
ii libxslt1.1 1.1.24-2 XSLT processing library - runtime
ii menu-xdg 0.3 freedesktop.org menu compliant win
ii perl 5.10.0-19lenny2 Larry Wall's Practical Extraction
ii x11-xserver-uti 7.3+5 X server utilities
ii xauth 1:1.0.3-2 X authentication utility
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
kdelibs4c2a recommends no packages.
Versions of packages kdelibs4c2a suggests:
pn fam <none> (no description available)
ii ghostscript 8.62.dfsg.1-3.2lenny1 The GPL Ghostscript PostScript/PDF
ii perl-suid 5.10.0-19lenny2 Runs setuid Perl scripts
-- no debconf information
More information about the Secure-testing-team
mailing list