Google Project Zero's security researcher has discovered a critical remote code execution (RCE) vulnerability in Ghostscript—an open source interpreter for Adobe Systems' PostScript and PDF page description languages.
Written entirely in C, Ghostscript is a package of software that runs on different platforms, including Windows, macOS, and a wide variety of Unix systems, offering software the ability to convert PostScript language files (or EPS) to many raster formats, such as PDF, XPS, PCL or PXL.
A lot of popular PDF and image editing software, including ImageMagick and GIMP, use Ghostscript library to parse the content and convert file formats.
Ormandy advised Linux distributions to disable the processing of PS, EPS, PDF, and XPS content until the issue is addressed.
Do not upgrade your MX 17 or MX18 system installed or live until further notice. A problem with a kernel upgrade has occurred. A fix will be posted when available.
-- Required MX 15/16 Repository Changes
-- Information on torrent hosting changes
-- Information on MX15/16 GPG Keys
-- Spectre and Meltdown vulnerabilities
-- Introducing our new Website
-- MX Linux on social media: here
-- MX-18.3 Point Release release info here
-- Migration Information to MX-18 here
-- antiX-17.4.1 release info here
-- Please read this first, and don't forget to add system and hardware information to posts!
-- Here are the Forum Rules
Report Bugs, Issues and non- pacakage Requests
1 post • Page 1 of 1
https://thehackernews.com/2018/08/ghost ... ility.html