Type: | BUG |
Severity: | NA |
Release Date: | 2019-11-21 |
[9.25-5]
- Resolves: #1744011 - CVE-2019-14811 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdf_hook_DSC_Creator (701445)
- Resolves: #1744015 - CVE-2019-14812 ghostscript: Safer Mode Bypass by .forceput Exposure in setuserparams (701444)
- Resolves: #1744006 - CVE-2019-14813 ghostscript: Safer Mode Bypass by .forceput Exposure in setsystemparams (701443)
- Resolves: #1744231 - CVE-2019-14817 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdfexectoken and other procedures (701450)
[9.25-4]
- Resolves: #1737337 - CVE-2019-10216 ghostscript: -dSAFER escape via .buildfont1 (701394)
[9.25-3]
- Resolves: #1692798 - CVE-2019-3839 ghostscript: missing attack vector
protections for CVE-2019-6116
- Resolves: #1678170 - CVE-2019-3835 ghostscript: superexec operator
is available (700585)
- Resolves: #1691414 - CVE-2019-3838 ghostscript: forceput in DefineResource
is still accessible (700576)
- fix included for ghostscript: Regression: double comment chars
'%' in gs_init.ps leading to missing metadata
- fix for pdf2dsc regression added to allow fix for CVE-2019-3839
Release/Architecture | Filename | MD5sum | Superseded By Advisory |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team