Advisories » MGASA-2023-0267

Updated ghostpcl packages fix security vulnerability

Publication date: 24 Sep 2023
Modification date: 24 Sep 2023
Type: security
Affected Mageia releases : 8 , 9
CVE: CVE-2023-38560

Description

An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name
in ghostscript. This issue may allow a local attacker to cause a denial of
service via transforming a crafted PCL file to PDF format.
(CVE-2023-38560)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=32260
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38560

SRPMS

8/core

• ghostpcl-9.53.3-2.1.mga8

9/core

• ghostpcl-10.0.0-2.2.mga9