commit patchinfo.887 for openSUSE:11.4:Update
Hello community, here is the log from the commit of package patchinfo.887 for openSUSE:11.4:Update checked in at 2012-10-04 17:34:01 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:11.4:Update/patchinfo.887 (Old) and /work/SRC/openSUSE:11.4:Update/.patchinfo.887.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "patchinfo.887", Maintainer is "" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="887"> <packager>mweckbecker</packager> <issue tracker="bnc" id="779700">VUL-0: CVE-2012-4405: ghostscript-library: array index error leading to heap-based buffer overflow</issue> <issue tracker="cve" id="CVE-2012-4405"></issue> <category>security</category> <rating>important</rating> <summary>ghostscript: security update</summary> <description>The following security issue was fixed in ghostscript: Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error. </description> </patchinfo> -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@hilbert.suse.de