Nixpkgs Security Tracker

Untriaged

Permalink CVE-2023-4042

created 5 months, 3 weeks ago

Ghostscript: incomplete fix for cve-2020-16305

A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.

References

RHBZ#2228151 issue-tracking x_refsource_REDHAT
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry
https://bugzilla.redhat.com/show_bug.cgi?id=1870257
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry
https://bugzilla.redhat.com/show_bug.cgi?id=1870257
RHBZ#2228151 issue-tracking x_refsource_REDHAT
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry
https://bugzilla.redhat.com/show_bug.cgi?id=1870257
RHBZ#2228151 issue-tracking x_refsource_REDHAT
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry
https://bugzilla.redhat.com/show_bug.cgi?id=1870257
RHBZ#2228151 issue-tracking x_refsource_REDHAT
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory x_transferred
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1870257 x_transferred
RHBZ#2228151 issue-tracking x_refsource_REDHAT x_transferred
RHBZ#2228151 issue-tracking x_refsource_REDHAT
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry
https://bugzilla.redhat.com/show_bug.cgi?id=1870257
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory x_transferred
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1870257 x_transferred
RHBZ#2228151 issue-tracking x_refsource_REDHAT x_transferred
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry
https://bugzilla.redhat.com/show_bug.cgi?id=1870257
RHBZ#2228151 issue-tracking x_refsource_REDHAT
RHBZ#2228151 issue-tracking x_refsource_REDHAT x_transferred
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory x_transferred
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1870257 x_transferred
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry
https://bugzilla.redhat.com/show_bug.cgi?id=1870257
RHBZ#2228151 issue-tracking x_refsource_REDHAT
RHBZ#2228151 issue-tracking x_refsource_REDHAT x_transferred
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory x_transferred
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1870257 x_transferred
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry
https://bugzilla.redhat.com/show_bug.cgi?id=1870257
RHBZ#2228151 issue-tracking x_refsource_REDHAT
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory x_transferred
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1870257 x_transferred
RHBZ#2228151 issue-tracking x_refsource_REDHAT x_transferred
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry
https://bugzilla.redhat.com/show_bug.cgi?id=1870257
RHBZ#2228151 issue-tracking x_refsource_REDHAT
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory x_transferred
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1870257 x_transferred
RHBZ#2228151 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry
https://bugzilla.redhat.com/show_bug.cgi?id=1870257
RHBZ#2228151 issue-tracking x_refsource_REDHAT
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory x_transferred
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1870257 x_transferred
RHBZ#2228151 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1870257
RHBZ#2228151 issue-tracking x_refsource_REDHAT
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory x_transferred
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1870257 x_transferred
RHBZ#2228151 issue-tracking x_refsource_REDHAT x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1870257
RHBZ#2228151 issue-tracking x_refsource_REDHAT
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory x_transferred
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1870257 x_transferred
RHBZ#2228151 issue-tracking x_refsource_REDHAT x_transferred
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry
https://bugzilla.redhat.com/show_bug.cgi?id=1870257
RHBZ#2228151 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1870257 x_transferred
RHBZ#2228151 issue-tracking x_refsource_REDHAT x_transferred
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory x_transferred
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry
https://bugzilla.redhat.com/show_bug.cgi?id=1870257
RHBZ#2228151 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1870257 x_transferred
RHBZ#2228151 issue-tracking x_refsource_REDHAT x_transferred
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory x_transferred
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry
https://bugzilla.redhat.com/show_bug.cgi?id=1870257
RHBZ#2228151 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4042 x_refsource_REDHAT vdb-entry x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1870257 x_transferred
RHBZ#2228151 issue-tracking x_refsource_REDHAT x_transferred
RHSA-2023:7053 x_refsource_REDHAT vendor-advisory x_transferred

Affected products

ghostscript

==9.51
*

gimp:flatpak/ghostscript

Matching in nixpkgs

pkgs.ghostscriptX

PostScript interpreter (mainline version)

nixos-unstable -
- nixpkgs-unstable 10.05.1

pkgs.ghostscript_headless

PostScript interpreter (mainline version)

nixos-unstable -
- nixpkgs-unstable 10.05.1

pkgs.python312Packages.ghostscript

Interface to the Ghostscript C-API using ctypes

nixos-unstable -
- nixpkgs-unstable 0.7

pkgs.python313Packages.ghostscript

Interface to the Ghostscript C-API using ctypes

nixos-unstable -
- nixpkgs-unstable 0.7

pkgs.tests.texlive.dvipng.ghostscript

None

nixos-unstable -
- nixpkgs-unstable

pkgs.haskellPackages.ghostscript-parallel

Let Ghostscript render pages in parallel

nixos-unstable -
- nixpkgs-unstable 0.0.1

Package maintainers

@tobim Tobias Mayer <nix@tobim.fastmail.fm>
@flokli Florian Klink <flokli@flokli.de>

Suggestion detail