svn commit: r519632 - head/security/vuxml
Tijl Coosemans
tijl at FreeBSD.org
Mon Dec 9 20:54:18 UTC 2019
Author: tijl
Date: Mon Dec 9 20:54:17 2019
New Revision: 519632
URL: https://svnweb.freebsd.org/changeset/ports/519632
Log:
Document Ghostscript vulnerabilities.
Security: CVE-2019-14811, CVE-2019-14812, CVE-2019-14813, CVE-2019-14817
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Mon Dec 9 20:26:00 2019 (r519631)
+++ head/security/vuxml/vuln.xml Mon Dec 9 20:54:17 2019 (r519632)
@@ -58,6 +58,64 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="22ae307a-1ac4-11ea-b267-001cc0382b2f">
+ <topic>Ghostscript -- Security bypass vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>ghostscript9-agpl-base</name>
+ <name>ghostscript9-agpl-x11</name>
+ <range><lt>9.50</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Cedric Buissart (Red Hat) reports:</p>
+ <blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14811">
+ <p>A flaw was found in, ghostscript versions prior to 9.50, in the
+ .pdf_hook_DSC_Creator procedure where it did not properly secure
+ its privileged calls, enabling scripts to bypass `-dSAFER`
+ restrictions. A specially crafted PostScript file could disable
+ security protection and then have access to the file system, or
+ execute arbitrary commands.</p>
+ </blockquote>
+ <blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14812">
+ <p>A flaw was found in all ghostscript versions 9.x before 9.50, in
+ the .setuserparams2 procedure where it did not properly secure its
+ privileged calls, enabling scripts to bypass `-dSAFER`
+ restrictions. A specially crafted PostScript file could disable
+ security protection and then have access to the file system, or
+ execute arbitrary commands.</p>
+ </blockquote>
+ <blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14813">
+ <p>A flaw was found in ghostscript, versions 9.x before 9.50, in the
+ setsystemparams procedure where it did not properly secure its
+ privileged calls, enabling scripts to bypass `-dSAFER`
+ restrictions. A specially crafted PostScript file could disable
+ security protection and then have access to the file system, or
+ execute arbitrary commands.</p>
+ </blockquote>
+ <blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14817">
+ <p>A flaw was found in, ghostscript versions prior to 9.50, in the
+ .pdfexectoken and other procedures where it did not properly secure
+ its privileged calls, enabling scripts to bypass `-dSAFER`
+ restrictions. A specially crafted PostScript file could disable
+ security protection and then have access to the file system, or
+ execute arbitrary commands.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2019-14811</cvename>
+ <cvename>CVE-2019-14812</cvename>
+ <cvename>CVE-2019-14813</cvename>
+ <cvename>CVE-2019-14817</cvename>
+ </references>
+ <dates>
+ <discovery>2019-08-20</discovery>
+ <entry>2019-12-09</entry>
+ </dates>
+ </vuln>
+
<vuln vid="ca3fe5b3-185e-11ea-9673-4c72b94353b5">
<topic>phpmyadmin -- multiple vulnerabilities</topic>
<affects>
More information about the svn-ports-head
mailing list