Lucene search
AmazonALAS2-2018-1022HistoryMay 24, 2018 - 6:11 p.m.
Medium: ghostscript
2018-05-2418:11:00
alas.aws.amazon.com
11
Issue Overview:
The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. (CVE-2018-10194)
Affected Packages:
ghostscript
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update ghostscript to update your system.
New Packages:
noarch:
ghostscript-doc-9.06-2.amzn2.0.2.noarch
src:
ghostscript-9.06-2.amzn2.0.2.src
x86_64:
ghostscript-9.06-2.amzn2.0.2.x86_64
ghostscript-devel-9.06-2.amzn2.0.2.x86_64
ghostscript-gtk-9.06-2.amzn2.0.2.x86_64
ghostscript-cups-9.06-2.amzn2.0.2.x86_64
ghostscript-debuginfo-9.06-2.amzn2.0.2.x86_64
Additional References
Red Hat: CVE-2018-10194
Mitre: CVE-2018-10194
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 2 | noarch | ghostscript-doc | < 9.06-2.amzn2.0.2 | ghostscript-doc-9.06-2.amzn2.0.2.noarch.rpm |
| Amazon Linux | 2 | x86_64 | ghostscript | < 9.06-2.amzn2.0.2 | ghostscript-9.06-2.amzn2.0.2.x86_64.rpm |
| Amazon Linux | 2 | x86_64 | ghostscript-devel | < 9.06-2.amzn2.0.2 | ghostscript-devel-9.06-2.amzn2.0.2.x86_64.rpm |
| Amazon Linux | 2 | x86_64 | ghostscript-gtk | < 9.06-2.amzn2.0.2 | ghostscript-gtk-9.06-2.amzn2.0.2.x86_64.rpm |
| Amazon Linux | 2 | x86_64 | ghostscript-cups | < 9.06-2.amzn2.0.2 | ghostscript-cups-9.06-2.amzn2.0.2.x86_64.rpm |
| Amazon Linux | 2 | x86_64 | ghostscript-debuginfo | < 9.06-2.amzn2.0.2 | ghostscript-debuginfo-9.06-2.amzn2.0.2.x86_64.rpm |
Related
nessus
nessus
Fedora 28 : ghostscript (2018-8359498f3c)
2019-01-03 00:00:00
openSUSE Security Update : ghostscript (openSUSE-2018-706)
2018-07-09 00:00:00
Fedora 26 : ghostscript (2018-226dac231f)
2018-04-30 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: ghostscript-9.22-4.fc27
2018-04-30 16:38:19
[SECURITY] Fedora 26 Update: ghostscript-9.20-11.fc26
2018-04-29 21:23:33
[SECURITY] Fedora 28 Update: ghostscript-9.23-2.fc28
2018-04-27 23:08:57
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:1332-1)
2021-04-19 00:00:00
Fedora Update for ghostscript FEDORA-2018-3247413570
2018-05-02 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:1884-1)
2021-06-09 00:00:00
mageia
mageia
Updated ghostscript packages fix security vulnerability
2018-05-04 20:29:33
alpinelinux
alpinelinux
CVE-2018-10194
2018-04-18 21:29:00
osv
osv
ghostscript - security update
2018-04-25 00:00:00
CVE-2018-10194
2018-04-18 21:29:00
cve
cve
CVE-2018-10194
2018-04-18 21:29:00
suse
suse
Security update for ghostscript (moderate)
2018-07-07 00:11:36
Security update for ghostscript (moderate)
2018-05-19 21:07:50
cvelist
cvelist
CVE-2018-10194
2018-04-18 21:00:00
ubuntucve
ubuntucve
CVE-2018-10194
2018-04-18 00:00:00
debian
debian
[SECURITY] [DLA 1363-1] ghostscript security update
2018-04-25 18:26:48
debiancve
debiancve
CVE-2018-10194
2018-04-18 21:29:00
prion
prion
Buffer overflow
2018-04-18 21:29:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:25:17
ubuntu
ubuntu
Ghostscript vulnerabilities
2018-04-30 00:00:00
redhatcve
redhatcve
CVE-2018-10194
2018-04-20 03:18:37
ibm
ibm
Security Bulletin: Vulnerabilities in Ghostscript affect PowerKVM
2018-12-17 14:30:02
oraclelinux
oraclelinux
ghostscript security update
2018-10-15 00:00:00
redhat
redhat
(RHSA-2018:2918) Important: ghostscript security update
2018-10-16 01:32:18
centos
centos
ghostscript security update
2018-10-15 21:01:33
gentoo
gentoo
GPL Ghostscript: Multiple vulnerabilities
2018-11-24 00:00:00