Описание
ELSA-2017-1230: ghostscript security update (IMPORTANT)
[8.70-23.el6_9.2]
- Security fix for CVE-2017-8291 updated to address SIGSEGV
[8.70-23.el6_9.1]
- Added security fix for CVE-2017-8291 (bug #1446063)
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
ghostscript
8.70-23.el6_9.2
ghostscript-devel
8.70-23.el6_9.2
ghostscript-doc
8.70-23.el6_9.2
ghostscript-gtk
8.70-23.el6_9.2
Oracle Linux i686
ghostscript
8.70-23.el6_9.2
ghostscript-devel
8.70-23.el6_9.2
ghostscript-doc
8.70-23.el6_9.2
ghostscript-gtk
8.70-23.el6_9.2
Oracle Linux sparc64
ghostscript
8.70-23.el6_9.2
ghostscript-devel
8.70-23.el6_9.2
ghostscript-doc
8.70-23.el6_9.2
ghostscript-gtk
8.70-23.el6_9.2
Oracle Linux 7
Oracle Linux x86_64
ghostscript
9.07-20.el7_3.5
ghostscript-cups
9.07-20.el7_3.5
ghostscript-devel
9.07-20.el7_3.5
ghostscript-doc
9.07-20.el7_3.5
ghostscript-gtk
9.07-20.el7_3.5
Связанные CVE
Связанные уязвимости
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remot ...
