The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.
ghostscript: .tempfile file permission issues (699657) (CVE-2018-15908)
ghostscript: shading_param incomplete type checking (699660) (CVE-2018-15909)
ghostscript: missing type check in type checker (699659) (CVE-2018-16511)
ghostscript: incorrect access checking in temp file handling to disclose contents of files (699658) (CVE-2018-16539)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Tavis Ormandy (Google Project Zero) for reporting CVE-2018-15908.