[Secure-testing-team] Bug#584064: texlive-base-bin: Security bugs in ghostscript

Paul Szabo paul.szabo at sydney.edu.au
Tue Jun 1 01:35:11 UTC 2010 

Package: texlive-base-bin
Version: 2007.dfsg.2-4+lenny2
Severity: grave
Tags: security
Justification: user security hole


Please note remote execute-any-code security bugs in ghostscript:

  http://bugs.debian.org/583183

This package suggests ghostscript, and may be affected. Please
evaluate the security of this package, and fix if needed.

Thanks,

Paul Szabo   psz at maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia


-- System Information:
Debian Release: 5.0.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-pk03.17-svr (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages texlive-base-bin depends on:
ii  ed                  0.7-3                The classic unix line editor
ii  libc6               2.7-18lenny2         GNU C Library: Shared libraries
ii  libgcc1             1:4.3.2-1.1          GCC support library
ii  libkpathsea4        2007.dfsg.2-4+lenny2 TeX Live: path search library for 
ii  libncurses5         5.7+20081213-1       shared libraries for terminal hand
ii  libpng12-0          1.2.27-2+lenny3      PNG library - runtime
ii  libpoppler3         0.8.7-3              PDF rendering library
ii  libstdc++6          4.3.2-1.1            The GNU Standard C++ Library v3
ii  libx11-6            2:1.1.5-2            X11 client-side library
ii  libxaw7             2:1.0.4-2            X11 Athena Widget library
ii  libxmu6             2:1.0.4-1            X11 miscellaneous utility library
ii  libxpm4             1:3.5.7-1            X11 pixmap library
ii  libxt6              1:1.0.5-3            X11 toolkit intrinsics library
ii  mime-support        3.44-1               MIME files 'mime.types' & 'mailcap
ii  perl                5.10.0-19lenny2      Larry Wall's Practical Extraction 
ii  tex-common          1.11.3               common infrastructure for building
ii  texlive-common      2007.dfsg.2-1~lenny2 TeX Live: Base component
ii  zlib1g              1:1.2.3.3.dfsg-12    compression library - runtime

Versions of packages texlive-base-bin recommends:
ii  texlive-base-bin-do 2007.dfsg.2-4+lenny2 TeX Live: Documentation files for 

Versions of packages texlive-base-bin suggests:
ii  evince [postscript 2.22.2-4~lenny1       Document (postscript, pdf) viewer
ii  ghostscript [posts 8.62.dfsg.1-3.2lenny1 The GPL Ghostscript PostScript/PDF
ii  gv [postscript-vie 1:3.6.5-2             PostScript and PDF viewer for X
ii  kghostview [postsc 4:3.5.9-3+lenny3      PostScript viewer for KDE
ii  kpdf [pdf-viewer]  4:3.5.9-3+lenny3      PDF viewer for KDE
ii  perl-tk            1:804.028-1+b1        Perl module providing the Tk graph
ii  xpdf-reader [pdf-v 3.02-1.4+lenny2       Portable Document Format (PDF) sui
ii  xpdf-utils [pdf-vi 3.02-1.4+lenny2       Portable Document Format (PDF) sui

Versions of packages tex-common depends on:
ii  debconf                       1.5.24     Debian configuration management sy
ii  ucf                           3.0016     Update Configuration File: preserv

Versions of packages texlive-base-bin is related to:
ii  tetex-base          2007.dfsg.2-1~lenny2 TeX Live: teTeX transitional packa
ii  tetex-bin           2007.dfsg.2-1~lenny2 TeX Live: teTeX transitional packa
ii  tetex-extra         2007.dfsg.2-1~lenny2 TeX Live: teTeX transitional packa
ii  tex-common          1.11.3               common infrastructure for building

-- debconf information excluded

More information about the Secure-testing-team mailing list