The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.
Security Fix(es):
ghostscript: .tempfile file permission issues (699657) (CVE-2018-15908)
ghostscript: shading_param incomplete type checking (699660) (CVE-2018-15909)
ghostscript: missing type check in type checker (699659) (CVE-2018-16511)
ghostscript: incorrect access checking in temp file handling to disclose contents of files (699658) (CVE-2018-16539)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Tavis Ormandy (Google Project Zero) for reporting CVE-2018-15908.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | x86_64 | ghostscript-debuginfo | < 9.07-31.el7_6.1 | ghostscript-debuginfo-9.07-31.el7_6.1.x86_64.rpm |
RedHat | 7 | ppc64le | ghostscript-devel | < 9.07-31.el7_6.1 | ghostscript-devel-9.07-31.el7_6.1.ppc64le.rpm |
RedHat | 7 | x86_64 | ghostscript-gtk | < 9.07-31.el7_6.1 | ghostscript-gtk-9.07-31.el7_6.1.x86_64.rpm |
RedHat | 7 | i686 | ghostscript-debuginfo | < 9.07-31.el7_6.1 | ghostscript-debuginfo-9.07-31.el7_6.1.i686.rpm |
RedHat | 7 | aarch64 | ghostscript-debuginfo | < 9.07-31.el7_6.1 | ghostscript-debuginfo-9.07-31.el7_6.1.aarch64.rpm |
RedHat | 7 | s390 | ghostscript | < 9.07-31.el7_6.1 | ghostscript-9.07-31.el7_6.1.s390.rpm |
RedHat | 7 | x86_64 | ghostscript-devel | < 9.07-31.el7_6.1 | ghostscript-devel-9.07-31.el7_6.1.x86_64.rpm |
RedHat | 7 | s390 | ghostscript-debuginfo | < 9.07-31.el7_6.1 | ghostscript-debuginfo-9.07-31.el7_6.1.s390.rpm |
RedHat | 7 | s390x | ghostscript-debuginfo | < 9.07-31.el7_6.1 | ghostscript-debuginfo-9.07-31.el7_6.1.s390x.rpm |
RedHat | 7 | s390x | ghostscript-gtk | < 9.07-31.el7_6.1 | ghostscript-gtk-9.07-31.el7_6.1.s390x.rpm |