ELSA-2018-3650

ELSA-2018-3650 - ghostscript security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2018-11-26

Description


[9.07-31.el7_6.1]
- Remove as many non-standard operators as possible to make the codebase
closer to upstream for later CVEs
- Resolves: #1621383 - CVE-2018-16511 ghostscript: missing type check in type
checker (699659)
- Resolves: #1621159 - CVE-2018-15908 ghostscript: .tempfile file permission
issues (699657)
- Resolves: #1621381 - CVE-2018-15909 ghostscript: shading_param incomplete
type checking (699660)


Related CVEs


CVE-2018-15908
CVE-2018-15909
CVE-2018-16511
CVE-2018-16539

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) ghostscript-9.07-31.el7_6.1.src.rpm8dfca3216c962b96d6a1b86d892016e8-
ghostscript-9.07-31.el7_6.1.aarch64.rpmdc16da756e3be97180ec42f907224fe9-
ghostscript-cups-9.07-31.el7_6.1.aarch64.rpme130876fe959e24785183e41b36ee862-
ghostscript-devel-9.07-31.el7_6.1.aarch64.rpmea110ef5f7766cf0098ed0fca418ed9d-
ghostscript-doc-9.07-31.el7_6.1.noarch.rpmd96b4b1fe99d7a54c71c46084e2d3d0d-
ghostscript-gtk-9.07-31.el7_6.1.aarch64.rpm5bd82c6eede4ad7d3d3fd36fa0a9443c-
Oracle Linux 7 (x86_64) ghostscript-9.07-31.el7_6.1.src.rpm8dfca3216c962b96d6a1b86d892016e8-
ghostscript-9.07-31.el7_6.1.i686.rpmdd72269da0665fcb983a6e85d804ac8c-
ghostscript-9.07-31.el7_6.1.x86_64.rpm012e8ad709410f653eeca3ba4cfaaf4d-
ghostscript-cups-9.07-31.el7_6.1.x86_64.rpm8f4f2bc96b5606428de490d431329ff6-
ghostscript-devel-9.07-31.el7_6.1.i686.rpm4383bc0ea161db3d3b57b7bfac0e1db0-
ghostscript-devel-9.07-31.el7_6.1.x86_64.rpmf7941bb10ad5cbad43080cff746b8365-
ghostscript-doc-9.07-31.el7_6.1.noarch.rpmd96b4b1fe99d7a54c71c46084e2d3d0d-
ghostscript-gtk-9.07-31.el7_6.1.x86_64.rpm3fdecc476a0d8313d1884277c1407934-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete