Описание
ELSA-2025-4362: ghostscript security update (MODERATE)
[9.27-16]
- RHEL-18396 CVE-2023-46751 ghostscript: dangling pointer in gdev_prn_open_printer_seekable()
- RHEL-67046 CVE-2024-46951 ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space
- RHEL-15067 CVE-2020-27792 ghostscript: heap buffer over write vulnerability in GhostScript's lp8000_print_page() in gdevlp8k.c
- RHEL-67051 CVE-2024-46954 ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding
- RHEL-67051 CVE-2024-46953 ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript
- RHEL-67051 CVE-2024-46956 ghostscript: Out-of-Bounds Data Access in Ghostscript Leads to Arbitrary Code Execution
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
ghostscript
9.27-16.el8_10
ghostscript-doc
9.27-16.el8_10
ghostscript-tools-dvipdf
9.27-16.el8_10
ghostscript-tools-fonts
9.27-16.el8_10
ghostscript-tools-printing
9.27-16.el8_10
ghostscript-x11
9.27-16.el8_10
libgs
9.27-16.el8_10
libgs-devel
9.27-16.el8_10
Oracle Linux x86_64
ghostscript
9.27-16.el8_10
ghostscript-doc
9.27-16.el8_10
ghostscript-tools-dvipdf
9.27-16.el8_10
ghostscript-tools-fonts
9.27-16.el8_10
ghostscript-tools-printing
9.27-16.el8_10
ghostscript-x11
9.27-16.el8_10
libgs
9.27-16.el8_10
libgs-devel
9.27-16.el8_10
Ссылки на источники
Связанные уязвимости
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Gh ...