An update for enscript is now available for openEuler-22.03-LTS-SP3,openEuler-20.03-LTS-SP4,openEuler-24.03-LTS,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS-SP1 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-1051 Final 1.0 1.0 2025-01-17 Initial 2025-01-17 2025-01-17 openEuler SA Tool V1.0 2025-01-17 enscript security update An update for enscript is now available for openEuler-22.03-LTS-SP3,openEuler-20.03-LTS-SP4,openEuler-24.03-LTS,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS-SP1 GNU enscript is a computer program that converts text files to PostScript, RTF, or HTML formats. If no input files are given, enscript processes standard input. Enscript can be extended to handle different output media and it has many options which can be used to customize print-outs. Security Fix(es): (CVE-2018-17942) An update for enscript is now available for openEuler-22.03-LTS-SP3,openEuler-20.03-LTS-SP4,openEuler-24.03-LTS,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS-SP1. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High enscript https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1051 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2018-17942 https://nvd.nist.gov/vuln/detail/CVE-2018-17942 openEuler-22.03-LTS-SP3 openEuler-20.03-LTS-SP4 openEuler-24.03-LTS openEuler-22.03-LTS-SP4 openEuler-24.03-LTS-SP1 enscript-1.6.6-22.oe2203sp3.aarch64.rpm enscript-debuginfo-1.6.6-22.oe2203sp3.aarch64.rpm enscript-debugsource-1.6.6-22.oe2203sp3.aarch64.rpm enscript-help-1.6.6-22.oe2203sp3.aarch64.rpm enscript-1.6.6-22.oe2003sp4.aarch64.rpm enscript-debuginfo-1.6.6-22.oe2003sp4.aarch64.rpm enscript-debugsource-1.6.6-22.oe2003sp4.aarch64.rpm enscript-help-1.6.6-22.oe2003sp4.aarch64.rpm enscript-1.6.6-22.oe2403.aarch64.rpm enscript-debuginfo-1.6.6-22.oe2403.aarch64.rpm enscript-debugsource-1.6.6-22.oe2403.aarch64.rpm enscript-help-1.6.6-22.oe2403.aarch64.rpm enscript-1.6.6-22.oe2203sp4.aarch64.rpm enscript-debuginfo-1.6.6-22.oe2203sp4.aarch64.rpm enscript-debugsource-1.6.6-22.oe2203sp4.aarch64.rpm enscript-help-1.6.6-22.oe2203sp4.aarch64.rpm enscript-1.6.6-22.oe2403sp1.aarch64.rpm enscript-debuginfo-1.6.6-22.oe2403sp1.aarch64.rpm enscript-debugsource-1.6.6-22.oe2403sp1.aarch64.rpm enscript-help-1.6.6-22.oe2403sp1.aarch64.rpm enscript-1.6.6-22.oe2203sp3.src.rpm enscript-1.6.6-22.oe2003sp4.src.rpm enscript-1.6.6-22.oe2403.src.rpm enscript-1.6.6-22.oe2203sp4.src.rpm enscript-1.6.6-22.oe2403sp1.src.rpm enscript-1.6.6-22.oe2203sp3.x86_64.rpm enscript-debuginfo-1.6.6-22.oe2203sp3.x86_64.rpm enscript-debugsource-1.6.6-22.oe2203sp3.x86_64.rpm enscript-help-1.6.6-22.oe2203sp3.x86_64.rpm enscript-1.6.6-22.oe2003sp4.x86_64.rpm enscript-debuginfo-1.6.6-22.oe2003sp4.x86_64.rpm enscript-debugsource-1.6.6-22.oe2003sp4.x86_64.rpm enscript-help-1.6.6-22.oe2003sp4.x86_64.rpm enscript-1.6.6-22.oe2403.x86_64.rpm enscript-debuginfo-1.6.6-22.oe2403.x86_64.rpm enscript-debugsource-1.6.6-22.oe2403.x86_64.rpm enscript-help-1.6.6-22.oe2403.x86_64.rpm enscript-1.6.6-22.oe2203sp4.x86_64.rpm enscript-debuginfo-1.6.6-22.oe2203sp4.x86_64.rpm enscript-debugsource-1.6.6-22.oe2203sp4.x86_64.rpm enscript-help-1.6.6-22.oe2203sp4.x86_64.rpm enscript-1.6.6-22.oe2403sp1.x86_64.rpm enscript-debuginfo-1.6.6-22.oe2403sp1.x86_64.rpm enscript-debugsource-1.6.6-22.oe2403sp1.x86_64.rpm enscript-help-1.6.6-22.oe2403sp1.x86_64.rpm The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing. 2025-01-17 CVE-2018-17942 openEuler-22.03-LTS-SP3 openEuler-20.03-LTS-SP4 openEuler-24.03-LTS openEuler-22.03-LTS-SP4 openEuler-24.03-LTS-SP1 High 8.8 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H enscript security update 2025-01-17 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1051