|
|
Line 1: |
Line 1: |
| ==Overview==
| |
| This page is related to the [[Security:Security Advisories/BSSA-2023-01|BSSA-2023-01 Security Advisory]].
| |
|
| |
|
| Older versions of Ghostscript open a way for script infusion.
| |
|
| |
| Because of bugs in the Ghostscript binary out of the BlueSpice package manager, Hallo Welt! mostly installed manually on Linux systems. These bugs no longer seem to be a problem.
| |
| ==How to update - Linux==
| |
|
| |
| # '''Check '''the system for manual installation and delete it:<syntaxhighlight lang="bash">ls -al /usr/local/bin</syntaxhighlight>If there is a binary called<syntaxhighlight lang="bash">gs</syntaxhighlight>delete it:<syntaxhighlight lang="bash">
| |
| rm -fr /usr/local/bin/gs</syntaxhighlight>
| |
| #'''Check''' the system for an installation out of the package manager (Ghostscript comes as a dependency of ImageMagik):<syntaxhighlight lang="bash">
| |
| dpkg -l ghostscript
| |
| </syntaxhighlight>for Debian 11 this should look like:<syntaxhighlight lang="bash">
| |
| root@XXXXXXXXXXXX:~# dpkg -l ghostscript
| |
| Gewünscht=Unbekannt/Installieren/R=Entfernen/P=Vollständig Löschen/Halten
| |
| | Status=Nicht/Installiert/Config/U=Entpackt/halb konFiguriert/
| |
| Halb installiert/Trigger erWartet/Trigger anhängig
| |
| |/ Fehler?=(kein)/R=Neuinstallation notwendig (Status, Fehler: GROSS=schlecht)
| |
| ||/ Name Version Architektur Beschreibung
| |
| +++-==============-=====================-============-===================================================
| |
| ii ghostscript 9.53.3~dfsg-7+deb11u5 amd64 interpreter for the PostScript language and for PDF
| |
|
| |
| </syntaxhighlight>For Debian 12 the Version is "10.0.0~dfsg-11+deb12u1"<br>For Ubuntu 22 the Version is "9.50~dfsg-5ubuntu4.8"<br><br>If it does not match the needed Version please do an:<syntaxhighlight lang="bash">
| |
| apt update
| |
| apt upgrade -y
| |
| </syntaxhighlight>and recheck.<br /><br />
| |
| #'''Change''' the settings in the codebase. <br /><br>Go to the directory where the codebase is saved (check your ApacheConfiguration for''DocumentRoot'' if you are not sure). Normally it should look like this:<syntaxhighlight lang="bash">
| |
| root@XXXXX:/var/www/bluespice/w/settings.d# grep -rin PdfProcessor
| |
| 005-PdfHandler.php:5:$wgPdfProcessor = '/usr/local/bin/gs';
| |
| </syntaxhighlight>It could be <code>005-PdfHandler.php</code> or some other configuration file.<br /><br />
| |
| #'''Find''' '''and change''' the variable to the correct path, for example with this command:<syntaxhighlight lang="bash">
| |
| sed -i 's/local\///g' 005-PdfHandler.php
| |
| </syntaxhighlight>Double-check:<syntaxhighlight lang="bash">
| |
| root@XXXXXXXXXXX:/var/www/bluespice/w/settings.d# grep -rin PdfProcessor
| |
| 005-PdfHandler.php:5:$wgPdfProcessor = '/usr/bin/gs';
| |
|
| |
| </syntaxhighlight>
| |
|
| |
| Your system is now patched.
| |
|
| |
| ==How to update - Windows==
| |
|
| |
| #'''Deinstall''' the package ''GPL Ghostscript''.
| |
| #'''Download''' the package ''Ghostscript AGPL Release'' from https://www.ghostscript.com/releases/gsdnld.html .
| |
| #'''Install''' the new package.
| |
|
| |
| Your system is now patched.
| |
|
| |
| __FORCETOC__
| |