|
|
Subscribe / Log in / New account

Scientific Linux alert SLSA-2019:2281-1 (ghostscript)



From:
              Farhan Ahmed <fahmed@fnal.gov> 


To:
              scientific-linux-errata@listserv.fnal.gov 


Subject:
              Security ERRATA Low: ghostscript on SL7.x x86_64 


Date:
              Mon, 26 Aug 2019 19:00:59 -0000


Message-ID:
              <20190826190059.482.81715@slpackages.fnal.gov>


Synopsis: Low: ghostscript security, bug fix, and enhancement update
Advisory ID:       SLSA-2019:2281-1
Issue Date:        2019-08-06
CVE Numbers:       CVE-2018-11645
--

The following packages have been upgraded to a later upstream version:
ghostscript (9.25).

Security Fix(es):

* ghostscript: status command permitted with -dSAFER in psi/zfile.c
allowing attackers to identify the size and existence of files
(CVE-2018-11645)
--

SL7
  x86_64
    ghostscript-9.25-2.el7.i686.rpm
    libgs-9.25-2.el7.x86_64.rpm
    ghostscript-9.25-2.el7.x86_64.rpm
    libgs-9.25-2.el7.i686.rpm
    ghostscript-cups-9.25-2.el7.x86_64.rpm
    ghostscript-doc-9.25-2.el7.noarch.rpm
    ghostscript-gtk-9.25-2.el7.x86_64.rpm
    libgs-devel-9.25-2.el7.i686.rpm
    libgs-devel-9.25-2.el7.x86_64.rpm
    ghostscript-debuginfo-9.25-2.el7.i686.rpm
    ghostscript-debuginfo-9.25-2.el7.x86_64.rpm
  noarch
    ghostscript-doc-9.25-2.el7.noarch.rpm

- Scientific Linux Development Team
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds