Advisories » MGASA-2024-0180

Updated ghostscript packages fix security vulnerability

Publication date: 16 May 2024
Modification date: 16 May 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-52722

Description

An issue was discovered in Artifex Ghostscript through 10.01.0.
psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the
Type 1 standard. (CVE-2023-52722)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33196
• https://lwn.net/Articles/973065/
• https://lists.suse.com/pipermail/sle-security-updates/2024-May/018501.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52722

SRPMS

9/core

• ghostscript-10.00.0-6.5.mga9