Описание
ELSA-2019-1017: ghostscript security update (IMPORTANT)
[9.07-31.el7_6.11]
- Resolves: #1673398 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116
- fix for pdf2dsc regression added
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
ghostscript
9.07-31.el7_6.11
ghostscript-cups
9.07-31.el7_6.11
ghostscript-devel
9.07-31.el7_6.11
ghostscript-doc
9.07-31.el7_6.11
ghostscript-gtk
9.07-31.el7_6.11
Oracle Linux x86_64
ghostscript
9.07-31.el7_6.11
ghostscript-cups
9.07-31.el7_6.11
ghostscript-devel
9.07-31.el7_6.11
ghostscript-doc
9.07-31.el7_6.11
ghostscript-gtk
9.07-31.el7_6.11
Связанные CVE
Связанные уязвимости
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript versions before 9.27 are vulnerable.
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript versions before 9.27 are vulnerable.
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript versions before 9.27 are vulnerable.
It was found that in ghostscript some privileged operators remained ac ...
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. Ghostscript versions before 9.28 are vulnerable.