Описание
ELSA-2018-3834: ghostscript security and bug fix update (IMPORTANT)
[9.07-31.el7_6.6]
- Resolves: #1657822 - ghostscript: Regression: Warning: Dropping incorrect smooth shading object (Error: /rangecheck in --run--)
[9.07-31.el7_6.5]
- Resolves: #1654621 - CVE-2018-16541 ghostscript: incorrect free logic in pagedevice replacement (699664)
- Resolves: #1650210 - CVE-2018-17183 ghostscript: User-writable error exception table
- Resolves: #1645516 - CVE-2018-18073 ghostscript: saved execution stacks can leak operator arrays
- Resolves: #1648891 - CVE-2018-17961 ghostscript: saved execution stacks can leak operator arrays (incomplete fix for CVE-2018-17183)
- Resolves: #1643115 - CVE-2018-18284 ghostscript: 1Policy operator allows a sandbox protection bypass
- Resolves: #1655937 - CVE-2018-19134 ghostscript: Type confusion in setpattern (700141)
[9.07-31.el7_6.4]
- Resolves: #1651149 - CVE-2018-15911 ghostscript: uninitialized memory access in the aesdecode operator (699665)
- Resolves: #1650060 - CVE-2018-16802 ghostscript: Incorrect 'restoration of privilege' checking when running out of stack during exception handling
- Resolves: #1652935 - CVE-2018-19409 ghostscript: Improperly implemented security check in zsetdevice function in psi/zdevice.c
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
ghostscript
9.07-31.el7_6.6
ghostscript-cups
9.07-31.el7_6.6
ghostscript-devel
9.07-31.el7_6.6
ghostscript-doc
9.07-31.el7_6.6
ghostscript-gtk
9.07-31.el7_6.6
Oracle Linux x86_64
ghostscript
9.07-31.el7_6.6
ghostscript-cups
9.07-31.el7_6.6
ghostscript-devel
9.07-31.el7_6.6
ghostscript-doc
9.07-31.el7_6.6
ghostscript-gtk
9.07-31.el7_6.6
