ELSA-2024-6197

ULN >
Oracle Linux Errata repository >
ELSA-2024-6197

ELSA-2024-6197 - ghostscript security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-09-03

Description

[9.54.0-17]
- RHEL-44759 CVE-2024-33870 ghostscript: path traversal to arbitrary files if the current directory is in the permitted paths
- RHEL-44745 CVE-2024-33869 ghostscript: path traversal and command execution due to path reduction
- RHEL-44731 CVE-2024-29510 ghostscript: format string injection leads to shell command execution (SAFER bypass)

Related CVEs

CVE-2024-29510

CVE-2024-33870

CVE-2024-33869

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	ghostscript-9.54.0-17.el9_4.src.rpm	c43244b938488d6af518e6689b8843059190a451ed9b0aa0cbaafe88628f0e13	-	ol9_aarch64_appstream
	ghostscript-9.54.0-17.el9_4.src.rpm	c43244b938488d6af518e6689b8843059190a451ed9b0aa0cbaafe88628f0e13	-	ol9_aarch64_codeready_builder
	ghostscript-9.54.0-17.el9_4.aarch64.rpm	f71b51995794407223364c9cc70e74a78b9bb3d679c649e74ac0d18822ee53c2	-	ol9_aarch64_appstream
	ghostscript-doc-9.54.0-17.el9_4.noarch.rpm	7af49c63f6b6e925a801fc210cc6a4d83dace65e295aa38df2ee3d25b010e860	-	ol9_aarch64_appstream
	ghostscript-tools-dvipdf-9.54.0-17.el9_4.aarch64.rpm	a7cd6af6f037f5ff7aae170d1540c23ab1c88729c2bbab644bea77c7d80d9d05	-	ol9_aarch64_appstream
	ghostscript-tools-fonts-9.54.0-17.el9_4.aarch64.rpm	cf22ca1c872a4d6238b5d13a1d16a95675e7abb8d9d9ca3c864a6c5d83b68f9b	-	ol9_aarch64_appstream
	ghostscript-tools-printing-9.54.0-17.el9_4.aarch64.rpm	358fe5d5c4a7c0cd3480920035aa8e6c34c0b74a4e4210d5d38b76abb8d5c6f6	-	ol9_aarch64_appstream
	ghostscript-x11-9.54.0-17.el9_4.aarch64.rpm	05229a570628335d3465e4ab7871763ea50c2d46b3657f7cd10e28a1edc36e34	-	ol9_aarch64_appstream
	libgs-9.54.0-17.el9_4.aarch64.rpm	8ae2b5229ee5a40981328c4fa5f5700931d39af07ca6348b3f35e5f591f9fcee	-	ol9_aarch64_appstream
	libgs-devel-9.54.0-17.el9_4.aarch64.rpm	39264651c82b9395eed2b2dae8ed61379c4ffa12d045a60e9e7a2ea75667770c	-	ol9_aarch64_codeready_builder

Oracle Linux 9 (x86_64)	ghostscript-9.54.0-17.el9_4.src.rpm	c43244b938488d6af518e6689b8843059190a451ed9b0aa0cbaafe88628f0e13	-	ol9_x86_64_appstream
	ghostscript-9.54.0-17.el9_4.src.rpm	c43244b938488d6af518e6689b8843059190a451ed9b0aa0cbaafe88628f0e13	-	ol9_x86_64_codeready_builder
	ghostscript-9.54.0-17.el9_4.i686.rpm	c7ac1a631c7ee320dcf39b03bc66bb5965b56eaf3e2dee0066f57dceaf643bec	-	ol9_x86_64_codeready_builder
	ghostscript-9.54.0-17.el9_4.x86_64.rpm	ebfbe21d49091bcba6ef90e0ee34a6308e6f5b6381aa9b9d747bc0c04e812ece	-	ol9_x86_64_appstream
	ghostscript-doc-9.54.0-17.el9_4.noarch.rpm	7af49c63f6b6e925a801fc210cc6a4d83dace65e295aa38df2ee3d25b010e860	-	ol9_x86_64_appstream
	ghostscript-tools-dvipdf-9.54.0-17.el9_4.x86_64.rpm	ff0cbb334e37e7ed1a966b8c43b32099fea7c83785fd336e0fab0b6b0afccb58	-	ol9_x86_64_appstream
	ghostscript-tools-fonts-9.54.0-17.el9_4.i686.rpm	4e6b884bde74013ad063b4fa36fe9c5ccc77299df876fa9a637b063d32dbaa59	-	ol9_x86_64_codeready_builder
	ghostscript-tools-fonts-9.54.0-17.el9_4.x86_64.rpm	20a5da3041c80e62f7fc9c8d79fb0d2934c5ab87f579dac77664a8cb4897df9a	-	ol9_x86_64_appstream
	ghostscript-tools-printing-9.54.0-17.el9_4.i686.rpm	e3e168304d77f1cec26facf3f6dd9ac093cca79435660394ec4118fe670e0ec5	-	ol9_x86_64_codeready_builder
	ghostscript-tools-printing-9.54.0-17.el9_4.x86_64.rpm	00e97e651cc3cecc28900f3ef15c8ff8eefc369ff93c839cc81c62c26e292f09	-	ol9_x86_64_appstream
	ghostscript-x11-9.54.0-17.el9_4.x86_64.rpm	cf93f66372f78df90ad22fb3caa04dcdf021219f83b18d05b5e85c126ec7d281	-	ol9_x86_64_appstream
	libgs-9.54.0-17.el9_4.i686.rpm	ff11b720c6f9bd8a3d15ecb022484e665466260258fe59e5a643d27fd80935ac	-	ol9_x86_64_appstream
	libgs-9.54.0-17.el9_4.x86_64.rpm	3a40cc2470be3dfe52b9be57fd7a2257ab84a2ec90698f0b9b2c31047216a2b9	-	ol9_x86_64_appstream
	libgs-devel-9.54.0-17.el9_4.i686.rpm	6c870b730e61e88bd5f0e758d4030fa75e88003507727eb9e4e71041b07e1c5a	-	ol9_x86_64_codeready_builder
	libgs-devel-9.54.0-17.el9_4.x86_64.rpm	db9cc50a00bf3471dd77aa721b6774cfdb2158388aa2b407cbc5ab4cc0013114	-	ol9_x86_64_codeready_builder

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691