COMMAND
ghostscript
SYSTEMS AFFECTED
Linux
PROBLEM
The ghostscript package creates temporary files with mktemp instead
of mkstemp. It is also built with improper LD_RUN_PATH values, which
cause it to search for libraries in the current directory.
Both problems can probably be exploited to gain increased
privileges on the system.
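Why the mktemp/mkstemp distinction matters, as an added example (not code from ghostscript or from this advisory): it contrasts opening a previously chosen name with atomic exclusive creation. The function names, the scratch directory and the file name `gs_a01234` are constructed for the illustration, and mktemp itself is not called.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* mktemp()-style use: a name is picked first and opened in a later step.
 * Without O_EXCL the open accepts whatever already sits at that path. */
static int open_named_later(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0666);
}

/* Returns 1 if every check behaves as described, 0 otherwise. */
int demo_tempfile_creation(void)
{
    char dir[] = "/tmp/gsdemo.XXXXXX";   /* private scratch directory */
    char guess[64], tmpl[64];
    struct stat st;
    int ok = 1, fd;

    if (mkdtemp(dir) == NULL) return 0;
    snprintf(guess, sizeof guess, "%s/gs_a01234", dir); /* constructed name */
    snprintf(tmpl, sizeof tmpl, "%s/gs_XXXXXX", dir);

    /* Stand-in for another user creating the predicted name first. */
    fd = open(guess, O_WRONLY | O_CREAT | O_EXCL, 0644);
    if (fd < 0 || write(fd, "other", 5) != 5) ok = 0;
    if (fd >= 0) close(fd);

    /* Pick-then-open reuses that file and truncates it without complaint. */
    fd = open_named_later(guess);
    if (fd < 0 || fstat(fd, &st) != 0 || st.st_size != 0) ok = 0;
    if (fd >= 0) close(fd);

    /* Exclusive creation, which mkstemp() does internally, is refused. */
    fd = open(guess, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd >= 0 || errno != EEXIST) ok = 0;
    if (fd >= 0) close(fd);

    /* mkstemp(): fresh name, created atomically, no group/other access. */
    fd = mkstemp(tmpl);
    if (fd < 0 || fstat(fd, &st) != 0 || (st.st_mode & 077) != 0) ok = 0;
    if (fd >= 0) close(fd);
    unlink(guess); unlink(tmpl); rmdir(dir);
    return ok;
}
```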
SOLUTION
For Linux Mandrake:
Linux-Mandrake 6.0: 6.0/RPMS/ghostscript-5.10-10.1mdk.i586.rpm
6.0/SRPMS/ghostscript-5.10-10.1mdk.src.rpm
Linux-Mandrake 6.1: 6.1/RPMS/ghostscript-5.10-10.1mdk.i586.rpm
6.1/SRPMS/ghostscript-5.10-10.1mdk.src.rpm
Linux-Mandrake 7.0: 7.0/RPMS/ghostscript-5.10-17.1mdk.i586.rpm
7.0/RPMS/ghostscript-Both-5.10-17.1mdk.i586.rpm
7.0/RPMS/ghostscript-PrintOnly-5.10-17.1mdk.i586.rpm
7.0/RPMS/ghostscript-SVGALIB-5.10-17.1mdk.i586.rpm
7.0/RPMS/ghostscript-X-5.10-17.1mdk.i586.rpm
7.0/SRPMS/ghostscript-5.10-17.1mdk.src.rpm
Linux-Mandrake 7.1: 7.1/RPMS/ghostscript-5.50-9.1mdk.i586.rpm
7.1/RPMS/ghostscript-Both-5.50-9.1mdk.i586.rpm
7.1/RPMS/ghostscript-PrintOnly-5.50-9.1mdk.i586.rpm
7.1/RPMS/ghostscript-SVGALIB-5.50-9.1mdk.i586.rpm
7.1/RPMS/ghostscript-X-5.50-9.1mdk.i586.rpm
7.1/SRPMS/ghostscript-5.50-9.1mdk.src.rpm
Linux-Mandrake 7.2: 7.2/RPMS/ghostscript-5.50-35.1mdk.i586.rpm
7.2/RPMS/ghostscript-module-SVGALIB-5.50-35.1mdk.i586.rpm
7.2/RPMS/ghostscript-module-X-5.50-35.1mdk.i586.rpm
7.2/RPMS/ghostscript-utils-5.50-35.1mdk.i586.rpm
7.2/SRPMS/ghostscript-5.50-35.1mdk.src.rpm
For Caldera Linux:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS
RPMS/ghostscript-5.10-16.i386.rpm
RPMS/ghostscript-doc-5.10-16.i386.rpm
RPMS/ghostscript-fonts-5.10-16.i386.rpm
SRPMS/ghostscript-5.10-16.src.rpm
ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/
ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS
RPMS/ghostscript-5.10-16.i386.rpm
RPMS/ghostscript-doc-5.10-16.i386.rpm
RPMS/ghostscript-fonts-5.10-16.i386.rpm
SRPMS/ghostscript-5.10-16.src.rpm
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/
ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS
RPMS/ghostscript-5.10-16.i386.rpm
RPMS/ghostscript-doc-5.10-16.i386.rpm
RPMS/ghostscript-fonts-5.10-16.i386.rpm
SRPMS/ghostscript-5.10-16.src.rpm
For RedHat:
ftp://updates.redhat.com/5.2/alpha/ghostscript-4.03-2.alpha.rpm
ftp://updates.redhat.com/5.2/sparc/ghostscript-4.03-2.sparc.rpm
ftp://updates.redhat.com/5.2/i386/ghostscript-4.03-2.i386.rpm
ftp://updates.redhat.com/5.2/SRPMS/ghostscript-4.03-2.src.rpm
ftp://updates.redhat.com/6.2/alpha/ghostscript-5.50-8_6.x.alpha.rpm
ftp://updates.redhat.com/6.2/sparc/ghostscript-5.50-8_6.x.sparc.rpm
ftp://updates.redhat.com/6.2/i386/ghostscript-5.50-8_6.x.i386.rpm
ftp://updates.redhat.com/6.2/SRPMS/ghostscript-5.50-8_6.x.src.rpm
ftp://updates.redhat.com/7.0/i386/ghostscript-5.50-8.i386.rpm
ftp://updates.redhat.com/7.0/SRPMS/ghostscript-5.50-8.src.rpm
For Debian:
http://security.debian.org/dists/stable/updates/main/source/gs_5.10-10.1.diff.gz
http://security.debian.org/dists/stable/updates/main/source/gs_5.10-10.1.dsc
http://security.debian.org/dists/stable/updates/main/source/gs_5.10.orig.tar.gz
http://security.debian.org/dists/stable/updates/main/binary-alpha/gs_5.10-10.1_alpha.deb
http://security.debian.org/dists/stable/updates/main/binary-arm/gs_5.10-10.1_arm.deb
http://security.debian.org/dists/stable/updates/main/binary-i386/gs_5.10-10.1_i386.deb
http://security.debian.org/dists/stable/updates/main/binary-m68k/gs_5.10-10.1_m68k.deb
http://security.debian.org/dists/stable/updates/main/binary-powerpc/gs_5.10-10.1_powerpc.deb
http://security.debian.org/dists/stable/updates/main/binary-sparc/gs_5.10-10.1_sparc.deb
For Conectiva Linux:
ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/ghostscript-5.10-12cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/ghostscript-5.10-12cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/ghostscript-5.10-12cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/ghostscript-5.10-12cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/ghostscript-5.10-12cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/ghostscript-5.10-12cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/ghostscript-5.10-12cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/ghostscript-5.10-12cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/ghostscript-5.10-12cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/ghostscript-5.10-12cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/ghostscript-5.10-12cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/ghostscript-5.10-12cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/ghostscript-5.50-13cl.src.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/ghostscript-5.50-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/ghostscript-svgalib-5.50-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/ghostscript-5.10-12cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/ghostscript-5.10-12cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/ghostscript-5.10-12cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/ghostscript-5.10-12cl.i386.rpm
For Immunix OS:
http://www.immunix.org/ImmunixOS/6.2/updates/RPMS/ghostscript-5.50-8_6.x_StackGuard.i386.rpm
http://www.immunix.org/ImmunixOS/6.2/updates/SRPMS/ghostscript-5.50-8_6.x_StackGuard.src.rpm
http://www.immunix.org/ImmunixOS/7.0-beta/updates/RPMS/ghostscript-5.50-8_StackGuard.i386.rpm
http://www.immunix.org/ImmunixOS/7.0-beta/updates/SRPMS/ghostscript-5.50-8_StackGuard.src.rpm