ELSA-2024-6197

ULN >
Oracle Linux Errata repository >
ELSA-2024-6197

ELSA-2024-6197 - ghostscript security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2024-09-03

Description

[9.54.0-17]
- RHEL-44759 CVE-2024-33870 ghostscript: path traversal to arbitrary files if the current directory is in the permitted paths
- RHEL-44745 CVE-2024-33869 ghostscript: path traversal and command execution due to path reduction
- RHEL-44731 CVE-2024-29510 ghostscript: format string injection leads to shell command execution (SAFER bypass)

Related CVEs

CVE-2024-29510

CVE-2024-33870

CVE-2024-33869

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	ghostscript-9.54.0-17.el9_4.src.rpm	096b29f21b0b977743eac2954ab7a14e	-	ol9_aarch64_appstream
	ghostscript-9.54.0-17.el9_4.src.rpm	096b29f21b0b977743eac2954ab7a14e	-	ol9_aarch64_codeready_builder
	ghostscript-9.54.0-17.el9_4.aarch64.rpm	4f2ae1f95eaac07e8c15c3c382a4391a	-	ol9_aarch64_appstream
	ghostscript-doc-9.54.0-17.el9_4.noarch.rpm	963dee06ca31c7eb5b8bed91cc3f7ef1	-	ol9_aarch64_appstream
	ghostscript-tools-dvipdf-9.54.0-17.el9_4.aarch64.rpm	e53ef6487e627011f8a7a1e3b4013bde	-	ol9_aarch64_appstream
	ghostscript-tools-fonts-9.54.0-17.el9_4.aarch64.rpm	c96cb0a424883f72b7f061a1e5ee37f5	-	ol9_aarch64_appstream
	ghostscript-tools-printing-9.54.0-17.el9_4.aarch64.rpm	09f161e6c3c56740ec9dd0b34e7dc1f7	-	ol9_aarch64_appstream
	ghostscript-x11-9.54.0-17.el9_4.aarch64.rpm	9d9fc1369b58e77a42372a1b4a7960d2	-	ol9_aarch64_appstream
	libgs-9.54.0-17.el9_4.aarch64.rpm	abe4f1baa020e23c1c365b338ed45496	-	ol9_aarch64_appstream
	libgs-devel-9.54.0-17.el9_4.aarch64.rpm	3bbd031606c3b80c010d2c95283c0312	-	ol9_aarch64_codeready_builder

Oracle Linux 9 (x86_64)	ghostscript-9.54.0-17.el9_4.src.rpm	096b29f21b0b977743eac2954ab7a14e	-	ol9_x86_64_appstream
	ghostscript-9.54.0-17.el9_4.src.rpm	096b29f21b0b977743eac2954ab7a14e	-	ol9_x86_64_codeready_builder
	ghostscript-9.54.0-17.el9_4.i686.rpm	bd8e6ceac9ac5f3a22d88bedbeaf35a7	-	ol9_x86_64_codeready_builder
	ghostscript-9.54.0-17.el9_4.x86_64.rpm	ff3986a2bd1d02ad024794965fa8120c	-	ol9_x86_64_appstream
	ghostscript-doc-9.54.0-17.el9_4.noarch.rpm	963dee06ca31c7eb5b8bed91cc3f7ef1	-	ol9_x86_64_appstream
	ghostscript-tools-dvipdf-9.54.0-17.el9_4.x86_64.rpm	68ce23a6a0724f580b7b6be8a3ed0ee6	-	ol9_x86_64_appstream
	ghostscript-tools-fonts-9.54.0-17.el9_4.i686.rpm	32571f725db73151c6b961f447209e6b	-	ol9_x86_64_codeready_builder
	ghostscript-tools-fonts-9.54.0-17.el9_4.x86_64.rpm	bd643abae965bd9088fe1efd3dd4817f	-	ol9_x86_64_appstream
	ghostscript-tools-printing-9.54.0-17.el9_4.i686.rpm	6f0f86422d3ee27bc21f677a7a3e5487	-	ol9_x86_64_codeready_builder
	ghostscript-tools-printing-9.54.0-17.el9_4.x86_64.rpm	2f515e24d1f45953f7d9591186f514d8	-	ol9_x86_64_appstream
	ghostscript-x11-9.54.0-17.el9_4.x86_64.rpm	8dfdd221e644e7e7d1f5562ff982e2b8	-	ol9_x86_64_appstream
	libgs-9.54.0-17.el9_4.i686.rpm	268cd035cb17f355c6bf9d58e45328bd	-	ol9_x86_64_appstream
	libgs-9.54.0-17.el9_4.x86_64.rpm	6730aabe3c22d0ee4618938c25120b68	-	ol9_x86_64_appstream
	libgs-devel-9.54.0-17.el9_4.i686.rpm	8456bc34dce9c5c0cb21492b8fcc8ff5	-	ol9_x86_64_codeready_builder
	libgs-devel-9.54.0-17.el9_4.x86_64.rpm	67f1089c0a8288a89386172460586916	-	ol9_x86_64_codeready_builder

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

Oracle customers - enter a support request
Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691