Ghostscript-CVE-2023-36664 - How to fix and Manual:Extension/ContentDroplets/Examples: Difference between pages

(Difference between pages)
(Created page with " == Security Advisory == This page is related to the BSSA-2023-01 Security Advisory. ==Overview== Older versions of Ghostscript open a way for script infusion. Because of bugs in the Ghostscript binary out of the BlueSpice package manager, Hallo Welt! mostly installed manually on Linux systems. These bugs no longer seem to be a problem. ==How to update - Linux== # Check the system for manual installation and delete it:<s...")
Tag: 2017 source edit
 
No edit summary
Tag: 2017 source edit
 
Line 1: Line 1:
{{TOClimit|limit=1|nonum=1|notitle=1|noborder=0|fontlarge=0|inline=1}}
==Lists==
<div class="sectionflex col3 frame">
<div>
=== Statistics ===
<bs:whoisonlinepopup /> (<bs:whoisonlinecount />)
* Number of characters: <bs:countcharacters mode="chars" />
* Number of files: <bs:countfiles />
* Number of pages: <bs:countarticles />
* Number of users: <bs:countusers />
</div>
<div>
===Booklist===
<bs:booklist filter="author1:Margit Link-Rodrigue" />
</div>
<div>
===Links to this page===
<whatlinkshere count="5" period="-" sort="time" showns="0" />
</div>
<div>
===Members in group===
<bs:userlist groups="sysop" count="10" />
</div>
<div>
===Most visited pages===
<bs:toplist count="6" period="-" />
</div>
<div>
===Data query===
<dataquery modified="+" format="ul" count="6" namespaces="Manual" />
</div>
<div>
===Recent Changes===
<recentchanges count="6" period="-" sort="time" showns="0" />
</div>
<div>
===Subpages===
{{Subpages|parentnamespace=Manual|parentpage=Extension/ContentDroplets|cols=no|bullets=yes}}
</div>
<div>
===My last visited pages===
<bs:pagesvisited count="6" maxtitlelength="30" order="time" />
</div>
<div>
===My watchlist===
<bs:watchlist count="6" maxtitlelength="30" order="time" />
</div>
</div>
==Visual formatting==
<div class="sectionflex col3 frame">
<div>
===Button===
{{ButtonLink|external=no|target=Main Page|label=My page 1|format=blue}}&nbsp;{{ButtonLink|external=no|target=Main Page|label=My page 2|format=red}}&nbsp;{{ButtonLink|external=no|target=Main Page|label=My page 3|format=white}}
</div>
<div>
===Modal button===
{{ModalDialog|title=Legal notice|btnLabel=Google.com|body=You are leaving this website. We are not responsible for any content beyond this point.


== Security Advisory ==
[https://google.com Visit google.com]|bgcolor=blue|footer=}}
This page is related to the [[Security:Security Advisories/BSSA-2023-01|BSSA-2023-01 Security Advisory]].
</div>
<div>
===Circled number===
{{CircledNumber|bgColor=#3e5389|fgColor=white|number=1}} Preheat oven to 425°F


==Overview==
{{CircledNumber|bgColor=#3e5389|fgColor=white|number=2}} Mix all the ingredients
Older versions of Ghostscript open a way for script infusion.


Because of bugs in the Ghostscript binary out of the BlueSpice package manager, Hallo Welt! mostly installed manually on Linux systems. These bugs no longer seem to be a problem.
{{CircledNumber|bgColor=#3e5389|fgColor=white|number=3}} Bake for 40 minutes
==How to update  - Linux==


# Check the system for manual installation and delete it:<syntaxhighlight lang="bash">ls -al /usr/local/bin</syntaxhighlight>If there is a binary called<syntaxhighlight lang="bash">gs</syntaxhighlight>
{{CircledNumber|bgColor=#3e5389|fgColor=white|number=4}} Take out and let cool 30 mintes
delete it:<syntaxhighlight lang="bash">
 
rm -fr /usr/local/bin/gs
{{CircledNumber|bgColor=#3e5389|fgColor=white|number=5}} Eat
</div>
<div>
=== {{Icon|bi bi-broadcast|||}}  Icon===
{{Icon|bi bi-book|||}}  User manual
 
{{Icon|bi bi-arrow-right-circle|||}}  Go to "Releases"
 
{{Icon|bi bi-gear|||}}  Admin info
 
{{Icon|bi bi-graph-up|||}}  Business updates
<hr>
 
 
 
<span style="text-align: center; display: block;">{{Icon|bi bi-palette-fill|2em|#08768D|}}<br></span>
 
<span style="text-align: center; display: block;"><big>'''Customization'''</big></span>
 
</div>
 
<div>
===Code===
<syntaxhighlight lang="css">
/* Container holding the image and the text */
.container {
  position: relative;
}
/* Bottom right text */
.text-block {
  position: absolute;
  bottom: 20px;
  right: 20px;
  padding-left: 20px;
  padding-right: 20px;
}
</syntaxhighlight>
</syntaxhighlight>
#Check System for Installation out of Packagemanager(Ghostscript comes as an dependency of ImageMagik)<syntaxhighlight lang="bash">
</div>
dpkg -l ghostscript
<div>
</syntaxhighlight>for  Debian 11 this should look like:<syntaxhighlight lang="bash">
===Math===
root@XXXXXXXXXXXX:~# dpkg -l ghostscript
<math>x=\frac{-b\pm\sqrt{b^2-4ac}}{2a}</math>
Gewünscht=Unbekannt/Installieren/R=Entfernen/P=Vollständig Löschen/Halten
</div>
| Status=Nicht/Installiert/Config/U=Entpackt/halb konFiguriert/
<div>
        Halb installiert/Trigger erWartet/Trigger anhängig
===Chem===
|/ Fehler?=(kein)/R=Neuinstallation notwendig (Status, Fehler: GROSS=schlecht)
<chem>H2NCO2- + H2O <=> NH4+ + CO3^2-</chem>
||/ Name          Version              Architektur  Beschreibung
</div>
+++-==============-=====================-============-===================================================
<div></div>
ii  ghostscript    9.53.3~dfsg-7+deb11u5 amd64        interpreter for the PostScript language and for PDF
<div></div>
</div>
 
==Form fields==
===Create page ===
 
{{CreateInput|alignment=left|buttonlabel=Create minutes|preload=Manual:Extension/ContentDroplets/Checklist|placeholder=Enter page name|prefix=Minutes/}}
<br><br>
<div class="sectionflex col3 frame" style="clear:both">
<div>
===Content filter example 1===
<containerfilter></containerfilter>
 
 
{| class="wikitable"
!City
!Country
|-
|Munich
| Germany
|-
|Hamburg
|Germany
|-
|Vienna
|Austria
|-
|Salzburg
| Austria
|}
</div>
<div>
===Content filter example 2===
<containerfilter selector=".mylist li" />
 
 
<div class="mylist">
*Apple, pear, orange
*Apple
*Orange
*Orange, grape
*Grape
</div>


</syntaxhighlight>For Debian 12 the Version is "10.0.0~dfsg-11+deb12u1"
</div>
<div>
===Checklist===
(Checklist status is only saved for users with "edit" permissions)


For Ubuntu 22 the Version is "9.50~dfsg-5ubuntu4.8"


If it does not match the needed Version please do an<syntaxhighlight lang="bash">
apt update
apt upgrade -y
</syntaxhighlight>and recheck.
#Change Settings in the codebase<br>
Got to whereever the codebase is saved (check your ApacheConfiguration for ''DocumentRoot'' if you are not sure). Normally it should look like this:<syntaxhighlight lang="bash">
root@XXXXX:/var/www/bluespice/w/settings.d# grep -rin PdfProcessor
005-PdfHandler.php:5:$wgPdfProcessor = '/usr/local/bin/gs';


</syntaxhighlight>Could be 005-PdfHandler.php or some other configuration-file.  Find  and change Variable to correct path: For example with this Command:<syntaxhighlight lang="bash">
<bs:checklist type="list" value="false" list="Template:JF Status" />
sed -i 's/local\///g' 005-PdfHandler.php
<br>


</syntaxhighlight>Doublecheck:<syntaxhighlight lang="bash">
[[Manual:Extension/ContentDroplets/Checklist|See example "Meeting minutes"]]
root@XXXXXXXXXXX:/var/www/bluespice/w/settings.d# grep -rin PdfProcessor
</div>
005-PdfHandler.php:5:$wgPdfProcessor = '/usr/bin/gs';


</syntaxhighlight>
<div>
===Checkbox===
(Checkbox status is only saved for users with "edit" permissions)
 
<bs:checkbox checked="false" /> Generate wiki instance
 
<bs:checkbox checked="false" /> Create user "customer"
 
<bs:checkbox checked="false" /> Send password to customer
</div>
<div>
=== Search field===
<bs:tagsearch type="wikipage" namespace="Setup" operator="AND" />
</div>
</div>
==Other==
 
<div class="sectionflex col2 frame">
 
<div>
===Messages===
{{Textbox|boxtype=note|header=|text=This is a Note Message.|icon=yes}}
{{Textbox|boxtype=important|header=|text=This is an Important Message.|icon=yes}}
{{Textbox|boxtype=tip|header=|text=This is a  Tip Message.|icon=yes}}
{{Textbox|boxtype=warning|header=|text=This is a Warning message.|icon=yes}}
{{Textbox|boxtype=neutral|header=|text=This is a generic message.|icon=yes}}
</div>
<div>
=== Progress===
'''Output'''<div><bs:statistics:progress basecount="5" progressitem="closed" width="300" baseitem="Statecheck:" /></div><br />
* This is my topic 1 (Statecheck:open)
*This is my topic 2 (Statecheck:closed)
*This is my topic 3 (Statecheck:closed)
*This is my topic 4 (Statecheck:closed)
*This is my topic 5 (Statecheck:closed)
</div>
</div>
 
===Pros and cons===
{{ProConList|title-advantages=Advantages|title-disadvantages=Disadvantages|advantages=* affordable
* well-known
* easily accessible|disadvantages=* somewhat dated look and feel
* not customizable
* GDPR compliance unclear}}
 
===Attachments===
<attachments>
 
</attachments>
 
=== Decision ===
{{Decision|decision=implement}}


Your system is now patched.
=== Tag cloud ===
<bs:tagcloud renderer="text" store="category" width="100%" showcount="true" minsize="14" maxsize="30" exclude="Pages using Dynamic PageList parser function" />


== How to update  -  Windows ==
===Map===
{{Map|Marienplatz, Munich~Famous tourist attraction|Munich, Germany}}


# '''Deinstall''' the package ''GPL Ghostscript''.
# '''Download''' the package ''Ghostscript AGPL Release'' from https://www.ghostscript.com/releases/gsdnld.html .
# '''Install''' the new package.


Your system is now patched.
===Signature===
<bs:signhere />

Revision as of 12:24, 17 August 2023

Lists

Statistics

Who is online? (0)

  • Number of characters:
  • Number of files: 1006
  • Number of pages: 665
  • Number of users: 56

Links to this page

No results found.

Most visited pages

Subpages

My last visited pages

To see pages you have visited, please log in to your account

My watchlist

Watchlist cannot be displayed because no user is logged in

Visual formatting

Modal button

Google.com

Circled number

1 Preheat oven to 425°F

2 Mix all the ingredients

3 Bake for 40 minutes

4 Take out and let cool 30 mintes

5 Eat

Icon

User manual

Go to "Releases"

Admin info

Business updates




Customization

Code

/* Container holding the image and the text */
.container {
  position: relative;
}
/* Bottom right text */
.text-block {
  position: absolute;
  bottom: 20px;
  right: 20px;
  padding-left: 20px;
  padding-right: 20px;
}

Math

Chem

Form fields

Create page



Content filter example 1


City Country
Munich Germany
Hamburg Germany
Vienna Austria
Salzburg Austria

Content filter example 2


  • Apple, pear, orange
  • Apple
  • Orange
  • Orange, grape
  • Grape

Checklist

(Checklist status is only saved for users with "edit" permissions)



See example "Meeting minutes"

Checkbox

(Checkbox status is only saved for users with "edit" permissions)

Generate wiki instance

Create user "customer"

Send password to customer

Search field

Other

Messages

This is a Note Message.
This is an Important Message.
This is a Tip Message.
This is a Warning message.
This is a generic message.

Progress

Output
100.0%

  • This is my topic 1 (Statecheck:open)
  • This is my topic 2 (Statecheck:closed)
  • This is my topic 3 (Statecheck:closed)
  • This is my topic 4 (Statecheck:closed)
  • This is my topic 5 (Statecheck:closed)

Pros and cons

Advantages Disadvantages
  • affordable
  • well-known
  • easily accessible
  • somewhat dated look and feel
  • not customizable
  • GDPR compliance unclear

Attachments


Decision

implement


Tag cloud

Map

Loading map...


Signature

Signatures



To submit feedback about this documentation, visit our community forum.

No categories assignedEdit

Discussions