Oracle Errata System
Oracle Linux
5.3
2021-09-09T12:48:41
ELSA-2018-3834: ghostscript security and bug fix update (IMPORTANT)
Oracle Linux 7
[9.07-31.el7_6.6]
- Resolves: #1657822 - ghostscript: Regression: Warning: Dropping incorrect
smooth shading object (Error: /rangecheck in --run--)
[9.07-31.el7_6.5]
- Resolves: #1654621 - CVE-2018-16541 ghostscript: incorrect free logic in
pagedevice replacement (699664)
- Resolves: #1650210 - CVE-2018-17183 ghostscript: User-writable error
exception table
- Resolves: #1645516 - CVE-2018-18073 ghostscript: saved execution stacks
can leak operator arrays
- Resolves: #1648891 - CVE-2018-17961 ghostscript: saved execution stacks
can leak operator arrays (incomplete fix for CVE-2018-17183)
- Resolves: #1643115 - CVE-2018-18284 ghostscript: 1Policy operator
allows a sandbox protection bypass
- Resolves: #1655937 - CVE-2018-19134 ghostscript: Type confusion in
setpattern (700141)
[9.07-31.el7_6.4]
- Resolves: #1651149 - CVE-2018-15911 ghostscript: uninitialized memory
access in the aesdecode operator (699665)
- Resolves: #1650060 - CVE-2018-16802 ghostscript: Incorrect 'restoration of
privilege' checking when running out of stack during exception handling
- Resolves: #1652935 - CVE-2018-19409 ghostscript: Improperly implemented
security check in zsetdevice function in psi/zdevice.c
IMPORTANT
Copyright 2018 Oracle, Inc.
CVE-2018-15911
CVE-2018-16541
CVE-2018-17961
CVE-2018-16802
CVE-2018-17183
CVE-2018-18073
CVE-2018-18284
CVE-2018-19134
CVE-2018-19409
ghostscript
oraclelinux-release
ghostscript-devel
ghostscript-gtk
ghostscript-doc
ghostscript-cups
72f97b74ec551f03
^7
aarch64
0:9.07-31.el7_6.6
x86_64