Security Advisory ghostscript uses mktemp instead of mkstemp, and uses an improper LD_RUN_PATH

Advisory: RHSA-2000:114-04
Type: Security Advisory
Severity: N/A
Issued on: 2000-11-22
Last updated on: 2001-02-25
Affected Products: Red Hat Linux 6.2, Red Hat Linux 7.0
OVAL: N/A
CVEs (cve.mitre.org): CVE-2000-1162

Details

ghostscript uses mktemp instead of mkstemp to create temp files, and
also uses improper LD_RUN_PATH values, causing it to search for
libraries in the current directory.


2000-11-27: Added packages for Red Hat Linux 7 for Alpha

ghostscript uses mktemp to create temp files, which is an insecure and predictable approach. It is now patched to use mkstemp, which avoids the race condition on the name.

It also uses improper LD_RUN_PATH values, causing ghostscript to search the current directory for libraries to load.
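
The difference between the two temp-file patterns, as an added C example that is not part of the advisory or of the ghostscript patch. The function names, the /tmp scratch directory and the file name gs_a00123 are constructed for illustration.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pre-patch pattern: a name is picked first (mktemp's job) and opened later
 * without O_EXCL, so whatever already exists at that name is reused. */
int open_chosen_name(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Patched pattern: mkstemp picks the name and creates the file in a single
 * exclusive step; the fstat check confirms a regular file that we own. */
int open_with_mkstemp(char *tmpl) /* tmpl must end in "XXXXXX" */
{
    struct stat st;
    int fd = mkstemp(tmpl);
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != geteuid()) {
        close(fd); unlink(tmpl);
        return -1;
    }
    return fd;
}

/* Constructed scenario in a private scratch directory. Result bit 0: pre-patch
 * open reused (and truncated) an existing file; bit 1: mkstemp made a new one. */
int run_demo(void)
{
    char dir[] = "/tmp/gsdemoXXXXXX", taken[64], tmpl[64];
    struct stat st;
    int fd, result = 0;
    if (!mkdtemp(dir)) return -1;
    snprintf(taken, sizeof taken, "%s/gs_a00123", dir); /* constructed name */
    snprintf(tmpl, sizeof tmpl, "%s/gs_XXXXXX", dir);
    fd = open(taken, O_WRONLY | O_CREAT | O_EXCL, 0600); /* name already in use */
    if (fd < 0 || write(fd, "data", 4) != 4) return -1;
    close(fd);
    fd = open_chosen_name(taken);
    if (fd >= 0) { if (fstat(fd, &st) == 0 && st.st_size == 0) result |= 1; close(fd); }
    fd = open_with_mkstemp(tmpl);
    if (fd >= 0 && strcmp(tmpl, taken) != 0) result |= 2;
    if (fd >= 0) { close(fd); unlink(tmpl); }
    unlink(taken); rmdir(dir);
    return result;
}
```
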


Solution

For each RPM for your particular architecture, run:

    rpm -Fvh [filename]

where filename is the name of the RPM.

Updated packages

Red Hat Linux 6.2

alpha:
ftp://updates.redhat.com/6.2/alpha/ghostscript-5.50-8_6.x.alpha.rpm
    2e2944851c391f4ef50394d6b0c4a76a
 
i386:
ftp://updates.redhat.com/6.2/i386/ghostscript-5.50-8_6.x.i386.rpm
    9a4b61ddea7d18722198b772d6164619
 
sparc:
ftp://updates.redhat.com/6.2/sparc/ghostscript-5.50-8_6.x.sparc.rpm
    fba7b417faaf19629642325ec6f34b84
 
Red Hat Linux 7.0

alpha:
ftp://updates.redhat.com/7.0/alpha/ghostscript-5.50-8.alpha.rpm
    bd8b80bada77d59ee28aa72f6e5674e4
 
i386:
ftp://updates.redhat.com/7.0/i386/ghostscript-5.50-8.i386.rpm
    0d5f4448d5245721b1e2762f360791f2
 

Bugs fixed (see bugzilla for more information)

20924 - gs reads libraries from current directory


Keywords

LD_RUN_PATH


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/