Title: ghostscript uses mktemp instead of mkstemp, and uses an improper LD_RUN_PATH
Released by: Red Hat
Date: 22nd November 2000
---------------------------------------------------------------------

                   Red Hat, Inc. Security Advisory

Synopsis:          ghostscript uses mktemp instead of mkstemp, and uses an improper LD_RUN_PATH
Advisory ID:       RHSA-2000:114-03
Issue date:        2000-11-22
Updated on:        2000-11-22
Product:           Red Hat Linux
Keywords:          ghostscript mktemp LD_RUN_PATH
Cross references:  N/A
---------------------------------------------------------------------



1. Topic:

ghostscript makes use of mktemp instead of mkstemp to create temp files;
and also uses improper LD_RUN_PATH values, causing it to search for
libraries in the current directory.



2. Relevant releases/architectures:

Red Hat Linux 5.0 - i386, alpha, sparc
Red Hat Linux 5.1 - i386, alpha, sparc
Red Hat Linux 5.2 - i386, alpha, sparc
Red Hat Linux 6.0 - i386, alpha, sparc
Red Hat Linux 6.1 - i386, alpha, sparc
Red Hat Linux 6.2 - i386, alpha, sparc
Red Hat Linux 7.0 - i386



3. Problem description:

ghostscript makes use of mktemp to create temp files, which is an insecure
and predictable approach; it is now patched to use mkstemp, which avoids
the race condition on the name.

It also uses improper LD_RUN_PATH values, causing ghostscript to search for
libraries to load in the current directory.
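As an added illustration (not Red Hat's patch or Ghostscript's own code) of the two temp-file patterns the description contrasts: the mktemp-then-open sequence with its race window, and the mkstemp replacement that creates and opens the file in one step, together with an fstat check on the resulting descriptor. The path template and function names are assumptions.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern the advisory fixes: mktemp() only produces a name, and the open()
 * is a separate later step, so anything planted under that name in between
 * (a symlink, a pre-created file) is silently opened instead of a new file. */
int open_temp_insecure(char *template) {
    if (mktemp(template) == NULL || template[0] == '\0')
        return -1;
    /* the race window lies between mktemp() and this open() */
    return open(template, O_WRONLY | O_CREAT, 0600);
}

/* Hardened form: mkstemp() creates and opens the file in one step with
 * O_CREAT|O_EXCL and mode 0600, so a name that already exists makes the
 * call fail rather than being reused. */
int open_temp_secure(char *template) {
    int fd = mkstemp(template);
    if (fd < 0)
        return -1;
    /* confirm on the descriptor (not the path): a regular file with one
     * link, owned by us, with no group/other permission bits */
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1 ||
        st.st_uid != geteuid() || (st.st_mode & 077) != 0) {
        close(fd);
        unlink(template);
        return -1;
    }
    return fd;
}

/* Creates, checks and removes one temp file; returns 1 on success, 0 otherwise. */
int demo_secure_temp(void) {
    char path[] = "/tmp/gs_example_XXXXXX";   /* constructed template (assumption) */
    int fd = open_temp_secure(path);
    if (fd < 0)
        return 0;
    int ok = strstr(path, "XXXXXX") == NULL;  /* the XXXXXX suffix was filled in */
    close(fd);
    unlink(path);
    return ok;
}

int main(void) { return demo_secure_temp() ? 0 : 1; }
```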



4. Solution:

For each RPM for your particular architecture, run:

rpm -Fvh [filename]

where filename is the name of the RPM.



5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

20924 - gs reads libraries from current directory





6. RPMs required:

Red Hat Linux 5.2:

alpha:
http://updates.redhat.com/5.2/alpha/ghostscript-4.03-2.alpha.rpm

sparc:
http://updates.redhat.com/5.2/sparc/ghostscript-4.03-2.sparc.rpm

i386:
http://updates.redhat.com/5.2/i386/ghostscript-4.03-2.i386.rpm

sources:
http://updates.redhat.com/5.2/SRPMS/ghostscript-4.03-2.src.rpm

Red Hat Linux 6.2:

alpha:
http://updates.redhat.com/6.2/alpha/ghostscript-5.50-8_6.x.alpha.rpm

sparc:
http://updates.redhat.com/6.2/sparc/ghostscript-5.50-8_6.x.sparc.rpm

i386:
http://updates.redhat.com/6.2/i386/ghostscript-5.50-8_6.x.i386.rpm

sources:
http://updates.redhat.com/6.2/SRPMS/ghostscript-5.50-8_6.x.src.rpm

Red Hat Linux 7.0:

i386:
http://updates.redhat.com/7.0/i386/ghostscript-5.50-8.i386.rpm

sources:
http://updates.redhat.com/7.0/SRPMS/ghostscript-5.50-8.src.rpm



7. Verification:

MD5 sum                           Package Name
--------------------------------------------------------------------------
d44d8436655d25ca53d0c4a87c5c7c77  5.2/SRPMS/ghostscript-4.03-2.src.rpm
1c8363a912a6f538312b3e457664d0eb  5.2/alpha/ghostscript-4.03-2.alpha.rpm
e11e7ec51f8e6051e50c5a93738f49ed  5.2/i386/ghostscript-4.03-2.i386.rpm
d3550b9fa695207b1405ce12a848eae2  5.2/sparc/ghostscript-4.03-2.sparc.rpm
e8c166031f02c9659f41a7e83ff4c97e  6.2/SRPMS/ghostscript-5.50-8_6.x.src.rpm
2e2944851c391f4ef50394d6b0c4a76a  6.2/alpha/ghostscript-5.50-8_6.x.alpha.rpm
9a4b61ddea7d18722198b772d6164619  6.2/i386/ghostscript-5.50-8_6.x.i386.rpm
fba7b417faaf19629642325ec6f34b84  6.2/sparc/ghostscript-5.50-8_6.x.sparc.rpm
6ad7beeb79d23f32ad320a659f5591d6  7.0/SRPMS/ghostscript-5.50-8.src.rpm
0d5f4448d5245721b1e2762f360791f2  7.0/i386/ghostscript-5.50-8.i386.rpm



These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
    http://www.redhat.com/corp/contact.html

You can verify each package with the following command:
    rpm --checksig [filename]

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg [filename]



8. References:

N/A





Copyright(c) 2000 Red Hat, Inc.