FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-23 17:01:17 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
25872b25-da2d-11ed-b715-a1e76793953bghostscript -- exploitable buffer overflow in (T)BCP in PS interpreter

cve@mitre.org reports:

In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.


Discovery 2023-03-23
Entry 2023-04-13
Modified 2023-04-28
ghostscript
< 10.01.1

ghostscript7-base
< 10.01.1

ghostscript7-commfont
< 10.01.1

ghostscript7-jpnfont
< 10.01.1

ghostscript7-korfont
< 10.01.1

ghostscript7-x11
< 10.01.1

ghostscript8-base
< 10.01.1

ghostscript8-x11
< 10.01.1

ghostscript9-agpl-base
< 9.56.1_10

CVE-2023-28879
https://nvd.nist.gov/vuln/detail/CVE-2023-28879
https://artifex.com/news/critical-security-vulnerability-fixed-in-ghostscript
fc1f6658-4f53-11e5-934b-002590263bf5ghostscript -- denial of service (crash) via crafted Postscript files

MITRE reports:

Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service (crash) via a crafted Postscript (ps) file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write.


Discovery 2015-06-17
Entry 2015-09-01
Modified 2015-09-02
ghostscript7
ghostscript7-nox11
ghostscript7-base
ghostscript7-x11
< 7.07_32

ghostscript8
ghostscript8-nox11
ghostscript8-base
ghostscript8-x11
< 8.71_19

ghostscript9
ghostscript9-nox11
ghostscript9-base
ghostscript9-x11
< 9.06_11

ghostscript9-agpl
ghostscript9-agpl-nox11
< 9.15_2

ghostscript9-agpl-base
ghostscript9-agpl-x11
< 9.16_2

CVE-2015-3228
http://bugs.ghostscript.com/show_bug.cgi?id=696041
http://bugs.ghostscript.com/show_bug.cgi?id=696070
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0c0b0859