[Secure-testing-team] Bug#584065: wv: Security bugs in ghostscript

Paul Szabo paul.szabo at sydney.edu.au
Tue Jun 1 01:35:55 UTC 2010 

Package: wv
Severity: grave
Tags: security
Justification: user security hole


Please note remote execute-any-code security bugs in ghostscript:

  http://bugs.debian.org/583183

This package suggests ghostscript, and may be affected. Please
evaluate the security of this package, and fix if needed.

Thanks,

Paul Szabo   psz at maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia


-- System Information:
Debian Release: 5.0.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-pk03.17-svr (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages wv depends on:
ii  libc6                  2.7-18lenny2      GNU C Library: Shared libraries
ii  libexpat1              2.0.1-4+lenny3    XML parsing C library - runtime li
ii  libfreetype6           2.3.7-2+lenny1    FreeType 2 font engine, shared lib
pn  libglib1.2             <none>            (no description available)
ii  libjpeg62              6b-14             The Independent JPEG Group's JPEG 
pn  libpng2                <none>            (no description available)
pn  libwmf0.2-2            <none>            (no description available)
pn  xlibs                  <none>            (no description available)
ii  zlib1g                 1:1.2.3.3.dfsg-12 compression library - runtime

wv recommends no packages.

Versions of packages wv suggests:
ii  evince [postscript 2.22.2-4~lenny1       Document (postscript, pdf) viewer
ii  ghostscript [posts 8.62.dfsg.1-3.2lenny1 The GPL Ghostscript PostScript/PDF
ii  ghostscript-x [gs] 8.62.dfsg.1-3.2lenny1 The GPL Ghostscript PostScript/PDF
ii  gs                 8.62.dfsg.1-3.2lenny1 Transitional package
ii  gv [postscript-vie 1:3.6.5-2             PostScript and PDF viewer for X
ii  kghostview [postsc 4:3.5.9-3+lenny3      PostScript viewer for KDE
pn  libwmf-bin         <none>                (no description available)
ii  lynx               2.8.7dev9-2.1         Text-mode WWW Browser (transitiona
ii  tetex-bin          2007.dfsg.2-1~lenny2  TeX Live: teTeX transitional packa
ii  tetex-extra        2007.dfsg.2-1~lenny2  TeX Live: teTeX transitional packa

More information about the Secure-testing-team mailing list