Hi, hope all of you are well. From what I read many different kinds of softwares use Ghostscript including Libre Office. There are a few more listed in the article. It also says to upgrade to the newest version of Ghostscript which is v10.03.1, and I checked the Enabled Repos of MXPI and there is only version 10.0.0 at this time. I checked the MX Test repos and Debian Backports too and the same version is there as well. Maybe no one has caught this yet or maybe they haven't issued a patch for it yet perhaps? Let me know your thoughts and if this is even something to be concerned about. Thanks! Article link below:
https://www.bleepingcomputer.com/news/s ... n-attacks/
Has anyone heard of this new RCE bug exploit in Ghostscript Library? [Solved]
-
CyberGhost
- Posts: 210
- Joined: Thu Jan 10, 2019 9:27 pm
-
anticapitalista
- Developer
- Posts: 4288
- Joined: Sat Jul 15, 2006 10:40 am
Re: Has anyone heard of this new RCE bug exploit in Ghostscript Library? [Solved]
Seems like Debian applied the patch in May
Uniprint device - prevent string configuration changes when SAFER
(CVE-2024-29510)
https://metadata.ftp-master.debian.org/ ... _changelog
Uniprint device - prevent string configuration changes when SAFER
(CVE-2024-29510)
https://metadata.ftp-master.debian.org/ ... _changelog
anticapitalista
Reg. linux user #395339.
Philosophers have interpreted the world in many ways; the point is to change it.
antiX with runit - lean and mean.
https://antixlinux.com
Reg. linux user #395339.
Philosophers have interpreted the world in many ways; the point is to change it.
antiX with runit - lean and mean.
https://antixlinux.com
Re: Has anyone heard of this new RCE bug exploit in Ghostscript Library?
Thanks for the info anticapitalista!
-
CyberGhost
- Posts: 210
- Joined: Thu Jan 10, 2019 9:27 pm
Re: Has anyone heard of this new RCE bug exploit in Ghostscript Library?
@anticapitalista Thanks so much for the info and your input! Good to know!