RLSA-2023:5459

Опубликовано: 06 окт. 2023

Источник: rocky

Оценка: Important

Описание

Important: ghostscript security update

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.

Security Fix(es):

ghostscript: vulnerable to OS command injection due to mishandles permission validation for pipe devices (CVE-2023-36664)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 9

Наименование	Архитектура	Релиз	RPM
ghostscript	aarch64	10.el9_2	ghostscript-9.54.0-10.el9_2.aarch64.rpm
ghostscript-doc	noarch	10.el9_2	ghostscript-doc-9.54.0-10.el9_2.noarch.rpm
ghostscript-tools-dvipdf	aarch64	10.el9_2	ghostscript-tools-dvipdf-9.54.0-10.el9_2.aarch64.rpm
ghostscript-tools-fonts	aarch64	10.el9_2	ghostscript-tools-fonts-9.54.0-10.el9_2.aarch64.rpm
ghostscript-tools-printing	aarch64	10.el9_2	ghostscript-tools-printing-9.54.0-10.el9_2.aarch64.rpm
ghostscript-x11	aarch64	10.el9_2	ghostscript-x11-9.54.0-10.el9_2.aarch64.rpm
libgs	aarch64	10.el9_2	libgs-9.54.0-10.el9_2.aarch64.rpm