Google Project Zero's security researcher has discovered a critical remote code execution (RCE) vulnerability in Ghostscript—an open source interpreter for Adobe Systems' PostScript and PDF page description languages.
Written entirely in C, Ghostscript is a package of software that runs on different platforms, including Windows, macOS, and a wide variety of Unix systems, offering software the ability to convert PostScript language files (or EPS) to many raster formats, such as PDF, XPS, PCL or PXL.
A lot of popular PDF and image editing software, including ImageMagick and GIMP, use Ghostscript library to parse the content and convert file formats.
Ormandy advised Linux distributions to disable the processing of PS, EPS, PDF, and XPS content until the issue is addressed.
-- Spectre and Meltdown vulnerabilities
-- Change in MX sources
-- MX Linux on social media: here
-- Mepis support still here
-- MX-17.1 Final release info here
-- antiX-17 release info here
-- Please read this first, and don't forget to add system and hardware information to posts!
-- Here are the Forum Rules
Report Bugs, Issues and non- pacakage Requests
1 post • Page 1 of 1
https://thehackernews.com/2018/08/ghost ... ility.html