CVE 2023 36664 Ghostscript in linux php

this is not a direct reproduce of CVE-2023-36664 vulnerability, otherwise something similar with pipe | in php . i show afterwards how to install the latest version to fix the vulnerability for linux system.

This vulnerability relates to operating system pipes, which are a mechanism by which different software components can communicate with each other by having the output of one application represent the input of another. For example, these pipes are often represented by the "|" symbol on the command line.

to fix the vulnerability on Linux, download the latest version of the Ghost script and install it.
The current Ghostscript release 10.01.2 (tar gz) can be downloaded here:
https://github.com/ArtifexSoftware/ghostpdl-downloads/releases
extract the file
chmod 755 configure
./configure
sudo make
sudo make install
gs --version

Тэги:

#ghostscript #CVE_2023_36664 #how_to_fix #linux #ubuntu

Скачать видео