The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.
Security Fix(es):
ghostscript: use-after-free in copydevice handling (699661) (CVE-2018-16540)
ghostscript: access bypass in psi/zdevice2.c (700153) (CVE-2018-19475)
ghostscript: access bypass in psi/zicc.c (700169) (CVE-2018-19476)
ghostscript: access bypass in psi/zfjbig2.c (700168) (CVE-2018-19477)
ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators (700317) (CVE-2019-6116)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Tavis Ormandy (Google Project Zero) for reporting CVE-2019-6116.
Bug Fix(es):
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | ppc | ghostscript | < 9.07-31.el7_6.9 | ghostscript-9.07-31.el7_6.9.ppc.rpm |
RedHat | 7 | i686 | ghostscript-debuginfo | < 9.07-31.el7_6.9 | ghostscript-debuginfo-9.07-31.el7_6.9.i686.rpm |
RedHat | 7 | aarch64 | ghostscript-cups | < 9.07-31.el7_6.9 | ghostscript-cups-9.07-31.el7_6.9.aarch64.rpm |
RedHat | 7 | ppc64 | ghostscript-gtk | < 9.07-31.el7_6.9 | ghostscript-gtk-9.07-31.el7_6.9.ppc64.rpm |
RedHat | 7 | i686 | ghostscript | < 9.07-31.el7_6.9 | ghostscript-9.07-31.el7_6.9.i686.rpm |
RedHat | 7 | i686 | ghostscript-devel | < 9.07-31.el7_6.9 | ghostscript-devel-9.07-31.el7_6.9.i686.rpm |
RedHat | 7 | ppc | ghostscript-devel | < 9.07-31.el7_6.9 | ghostscript-devel-9.07-31.el7_6.9.ppc.rpm |
RedHat | 7 | ppc64le | ghostscript-gtk | < 9.07-31.el7_6.9 | ghostscript-gtk-9.07-31.el7_6.9.ppc64le.rpm |
RedHat | 7 | x86_64 | ghostscript | < 9.07-31.el7_6.9 | ghostscript-9.07-31.el7_6.9.x86_64.rpm |
RedHat | 7 | s390x | ghostscript-debuginfo | < 9.07-31.el7_6.9 | ghostscript-debuginfo-9.07-31.el7_6.9.s390x.rpm |