Описание
Security update for ghostscript
This update for ghostscript version 9.26a fixes the following issues:
Security issue fixed:
- CVE-2019-6116: subroutines within pseudo-operators must themselves be pseudo-operators (bsc#1122319)
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15
ghostscript-9.26a-3.12.1
ghostscript-devel-9.26a-3.12.1
ghostscript-x11-9.26a-3.12.1
SUSE Linux Enterprise Module for Desktop Applications 15
libspectre-devel-0.2.8-3.6.1
libspectre1-0.2.8-3.6.1
Ссылки
- Link for SUSE-SU-2019:0145-1
- E-Mail link for SUSE-SU-2019:0145-1
- SUSE Security Ratings
- SUSE Bug 1122319
- SUSE CVE CVE-2019-6116 page
Описание
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15:ghostscript-9.26a-3.12.1
SUSE Linux Enterprise Module for Basesystem 15:ghostscript-devel-9.26a-3.12.1
SUSE Linux Enterprise Module for Basesystem 15:ghostscript-x11-9.26a-3.12.1
SUSE Linux Enterprise Module for Desktop Applications 15:libspectre-devel-0.2.8-3.6.1
Ссылки
- CVE-2019-6116
- SUSE Bug 1122319
- SUSE Bug 1129186
- SUSE Bug 1134156