Описание
ELSA-2018-3761: ghostscript security and bug fix update (IMPORTANT)
[9.07-31.el7_6.3]
- Resolves: #1654290 ghostscript update breaks xdvi (gs: Error: /undefined in flushpage)
[9.07-31.el7_6.2]
- Resolves: #1652901 - CVE-2018-16863 ghostscript: incomplete fix for CVE-2018-16509
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
ghostscript
9.07-31.el7_6.3
ghostscript-cups
9.07-31.el7_6.3
ghostscript-devel
9.07-31.el7_6.3
ghostscript-doc
9.07-31.el7_6.3
ghostscript-gtk
9.07-31.el7_6.3
Oracle Linux x86_64
ghostscript
9.07-31.el7_6.3
ghostscript-cups
9.07-31.el7_6.3
ghostscript-devel
9.07-31.el7_6.3
ghostscript-doc
9.07-31.el7_6.3
ghostscript-gtk
9.07-31.el7_6.3
Связанные CVE
Связанные уязвимости
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7.
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7.
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7.
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An ...
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7.