[ASA-201901-18] ghostscript: sandbox escape
Arch Linux Security Advisory ASA-201901-18
==========================================

Severity: High
Date    : 2019-01-29
CVE-ID  : CVE-2019-6116
Package : ghostscript
Type    : sandbox escape
Remote  : Yes
Link    :

Summary
=======

The package ghostscript before version 9.26-2 is vulnerable to sandbox escape.

Resolution
==========

Upgrade to 9.26-2.

# pacman -Syu "ghostscript>=9.26-2"

The problem has been fixed upstream but no release is available yet.

Workaround
==========

None.

Description
===========

It was found that ghostscript could leak sensitive operators on the operand stack when a pseudo-operator pushes a subroutine. A specially crafted PostScript file could use this flaw to escape the -dSAFER protection in order to, for example, have access to the file system and execute commands.

Impact
======

A remote attacker is able to escape the sandbox via a specially crafted PostScript document.

References
==========

;a=commitdiff;h=13b0a36f8181db66a91bcc8cea139998b53a8996
;a=commitdiff;h=2db98f9c66135601efb103d8db7d020a672308db
;a=commitdiff;h=99f13091a3f309bdc95d275ea9fec10bb9f42d9a
;a=commitdiff;h=59d8f4deef90c1598ff50616519d5576756b4495
;a=commitdiff;h=2768d1a6dddb83f5c061207a7ed2813999c1b5c9
;a=commitdiff;h=49c8092da88ef6bb0aa281fe294ae0925a44b5b9