Описание
Security update for ghostscript
This update for ghostscript version 9.26a fixes the following issues:
Security issue fixed:
- CVE-2019-6116: subroutines within pseudo-operators must themselves be pseudo-operators (bsc#1122319)
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.0
ghostscript-9.26a-lp150.2.12.1
ghostscript-devel-9.26a-lp150.2.12.1
ghostscript-mini-9.26a-lp150.2.12.1
ghostscript-mini-devel-9.26a-lp150.2.12.1
ghostscript-x11-9.26a-lp150.2.12.1
libspectre-devel-0.2.8-lp150.2.9.2
libspectre1-0.2.8-lp150.2.9.2
Ссылки
- E-Mail link for openSUSE-SU-2019:0104-1
- SUSE Security Ratings
- SUSE Bug 1122319
- SUSE CVE CVE-2019-6116 page
Описание
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
Затронутые продукты
openSUSE Leap 15.0:ghostscript-9.26a-lp150.2.12.1
openSUSE Leap 15.0:ghostscript-devel-9.26a-lp150.2.12.1
openSUSE Leap 15.0:ghostscript-mini-9.26a-lp150.2.12.1
openSUSE Leap 15.0:ghostscript-mini-devel-9.26a-lp150.2.12.1
Ссылки
- CVE-2019-6116
- SUSE Bug 1122319
- SUSE Bug 1129186
- SUSE Bug 1134156