Package: ghostscript Severity: grave Tags: security -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for ghostscript. CVE-2010-1628[0]: | Ghostscript 8.64, 8.70, and possibly other versions allows | context-dependent attackers to execute arbitrary code via a PostScript | file containing unlimited recursive procedure invocations, which | trigger memory corruption in the stack of the interpreter. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1628 http://security-tracker.debian.org/tracker/CVE-2010-1628 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkwIu/0ACgkQNxpp46476aqSZwCgiYQSz4A8fTVRECgr8yK/+iot FmwAnAwm+dN/IMETZLh76xRufiD6Z/xS =+7ZU -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
