ELSA-2019-2591

ULN >
Oracle Linux Errata repository >
ELSA-2019-2591

ELSA-2019-2591 - ghostscript security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2019-09-06

Description

[9.25-2.3]
- Resolves: #1744010 - CVE-2019-14811 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdf_hook_DSC_Creator (701445)
- Resolves: #1744014 - CVE-2019-14812 ghostscript: Safer Mode Bypass by .forceput Exposure in setuserparams (701444)
- Resolves: #1744005 - CVE-2019-14813 ghostscript: Safer Mode Bypass by .forceput Exposure in setsystemparams (701443)
- Resolves: #1744230 - CVE-2019-14817 ghostscript: Safer Mode Bypass by .forceput Exposure in .pdfexectoken and other procedures (701450)

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	ghostscript-9.25-2.el8_0.3.src.rpm	62c211bf83cfd4fd530abaea0eefdbc050e0e8b11f679ca7621f13f77aedc78e	-	ol8_aarch64_appstream
	ghostscript-9.25-2.el8_0.3.src.rpm	62c211bf83cfd4fd530abaea0eefdbc050e0e8b11f679ca7621f13f77aedc78e	-	ol8_aarch64_codeready_builder
	ghostscript-9.25-2.el8_0.3.aarch64.rpm	4246d79f8f2a7a47300984251ad6f9918534a9bd42aff9a6db36e3cc50059b17	-	ol8_aarch64_appstream
	ghostscript-doc-9.25-2.el8_0.3.noarch.rpm	b13ed32865bbd590a053079ba8b20d9ec2b4218a5b473df11674070d474ca273	-	ol8_aarch64_codeready_builder
	ghostscript-tools-dvipdf-9.25-2.el8_0.3.aarch64.rpm	6432620246ec55cfe914b1a06c309c3b44112ba89b60994b7ef497eae3cd66e3	-	ol8_aarch64_codeready_builder
	ghostscript-tools-fonts-9.25-2.el8_0.3.aarch64.rpm	74cbff36996d53b7cb14068b5b56bd1f9fc70adac8fea45eb1355870bf56995e	-	ol8_aarch64_codeready_builder
	ghostscript-tools-printing-9.25-2.el8_0.3.aarch64.rpm	8f982e1aaf4c4047a27f4706761114fab6185f0b552115b17264c57d3f36b7af	-	ol8_aarch64_codeready_builder
	ghostscript-x11-9.25-2.el8_0.3.aarch64.rpm	822b4549a45aa123a4b1fc36b3b963bccb8c4237d147e92b3a07d2bbfad33c44	-	ol8_aarch64_codeready_builder
	libgs-9.25-2.el8_0.3.aarch64.rpm	66b66da5ed1ae2a3d0f50a2db77d7fe14751439735813ed647a86a2e7e5e5388	-	ol8_aarch64_appstream
	libgs-devel-9.25-2.el8_0.3.aarch64.rpm	d2e1982476fc3bfc08e9e83ea60a8912870cb6154c9dcc10a8ff696e395ed2c5	-	ol8_aarch64_codeready_builder

Oracle Linux 8 (x86_64)	ghostscript-9.25-2.el8_0.3.src.rpm	62c211bf83cfd4fd530abaea0eefdbc050e0e8b11f679ca7621f13f77aedc78e	-	ol8_x86_64_appstream
	ghostscript-9.25-2.el8_0.3.src.rpm	62c211bf83cfd4fd530abaea0eefdbc050e0e8b11f679ca7621f13f77aedc78e	-	ol8_x86_64_codeready_builder
	ghostscript-9.25-2.el8_0.3.x86_64.rpm	e1991757dd28c3b2e5dcb48c7a0620c639af6bea198b1c4cab4fd24495855103	-	ol8_x86_64_appstream
	ghostscript-doc-9.25-2.el8_0.3.noarch.rpm	b13ed32865bbd590a053079ba8b20d9ec2b4218a5b473df11674070d474ca273	-	ol8_x86_64_codeready_builder
	ghostscript-tools-dvipdf-9.25-2.el8_0.3.x86_64.rpm	ad5a22e81114c3b5a1c99ac2dcaba3574cb4995416483f3e78cda893e38b7109	-	ol8_x86_64_codeready_builder
	ghostscript-tools-fonts-9.25-2.el8_0.3.x86_64.rpm	f3c9162c7bdab3edaf22dbad7b769463d1a630c00d2d508107bf545cfea3972f	-	ol8_x86_64_codeready_builder
	ghostscript-tools-printing-9.25-2.el8_0.3.x86_64.rpm	1a5056cba662bc5f6bae4aa70d87760bdc85a5a1a662ad9e99a36bf9f446946a	-	ol8_x86_64_codeready_builder
	ghostscript-x11-9.25-2.el8_0.3.x86_64.rpm	c8dce35b0dfb45c887f7c2b95d0632c48e832155bf4851f4e720d6cd36926b23	-	ol8_x86_64_codeready_builder
	libgs-9.25-2.el8_0.3.i686.rpm	13b0d58a06fe37f8942b0597f1c56ac1e70b40ebc49e3f9e1bbaacd7a7ce2bf7	-	ol8_x86_64_appstream
	libgs-9.25-2.el8_0.3.x86_64.rpm	c804cb8b321fbbcfe4950672b9a98198b964a238144369a18a378aac0e49df44	-	ol8_x86_64_appstream
	libgs-devel-9.25-2.el8_0.3.i686.rpm	e2822e98742096a4503330598d281000031b68beaf617789ac2b1906c1351e84	-	ol8_x86_64_codeready_builder
	libgs-devel-9.25-2.el8_0.3.x86_64.rpm	0d2a0defa7cc4a154cb27c75b651d4cb8158ecdc2fc76cc24d8ee49ea3a8fa94	-	ol8_x86_64_codeready_builder

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691