Debian Security Advisory
DSA-5038-1 ghostscript -- security update
- Date Reported:
- 08 Jan 2022
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2021-45944, CVE-2021-45949.
- More information:
Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed.
For the oldstable distribution (buster), these problems have been fixed in version 9.27~dfsg-2+deb10u5.
For the stable distribution (bullseye), these problems have been fixed in version 9.53.3~dfsg-7+deb11u2.
We recommend that you upgrade your ghostscript packages.
For the detailed security status of ghostscript please refer to its security tracker page at: https://security-tracker.debian.org/tracker/ghostscript