ghostscript: Saved execution stacks can leak operator arrays (incomplete fix for CVE-2018-17183)

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183...

ghostscript: Incorrect free logic in pagedevice replacement (699664)

It was discovered that the ghostscript device cleanup did not properly handle devices replaced with a null device. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted...

ghostscript: 1Policy operator allows a sandbox protection bypass

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator...

Security Bulletin: Vulnerabilities in Ghostscript affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in Artifex Ghostscript. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2018-16542 DESCRIPTION: Artifex Ghostscript is vulnerable to a denial of service, caused by an improper interpreter stack-size checking. By...

openSUSE Security Update : ghostscript (openSUSE-2018-1552)

This update for ghostscript to version 9.26 fixes the following issues : Security issues fixed : - CVE-2018-19475: Fixed bypass of an intended access restriction in psi/zdevice2.c bsc1117327 - CVE-2018-19476: Fixed bypass of an intended access restriction in psi/zicc.c bsc1117313 - CVE-2018-19477...

openSUSE Security Update : ghostscript (openSUSE-2018-1556)

This update for ghostscript to version 9.26 fixes the following issues : Security issues fixed : - CVE-2018-19475: Fixed bypass of an intended access restriction in psi/zdevice2.c bsc1117327 - CVE-2018-19476: Fixed bypass of an intended access restriction in psi/zicc.c bsc1117313 - CVE-2018-19477...

Security update for ghostscript (important)

This update for ghostscript to version 9.26 fixes the following issues: Security issues fixed: - CVE-2018-19475: Fixed bypass of an intended access restriction in psi/zdevice2.c bsc1117327 - CVE-2018-19476: Fixed bypass of an intended access restriction in psi/zicc.c bsc1117313 - CVE-2018-19477:...

Security update for ghostscript (important)

This update for ghostscript to version 9.26 fixes the following issues: Security issues fixed: - CVE-2018-19475: Fixed bypass of an intended access restriction in psi/zdevice2.c bsc1117327 - CVE-2018-19476: Fixed bypass of an intended access restriction in psi/zicc.c bsc1117313 - CVE-2018-19477:...

CentOS 7 : ghostscript (CESA-2018:3650)

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

CentOS 7 : ghostscript (CESA-2018:3761)

An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

ghostscript security update

CentOS Errata and Security Advisory CESA-2018:3761 An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

ghostscript security update

CentOS Errata and Security Advisory CESA-2018:3650 An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2018:4090-1)

This update for ghostscript to version 9.26 fixes the following issues : Security issues fixed : CVE-2018-19475: Fixed bypass of an intended access restriction in psi/zdevice2.c bsc1117327 CVE-2018-19476: Fixed bypass of an intended access restriction in psi/zicc.c bsc1117313 CVE-2018-19477: Fixe...

SUSE-SU-2018:4090-1 Security update for ghostscript

This update for ghostscript to version 9.26 fixes the following issues: Security issues fixed: - CVE-2018-19475: Fixed bypass of an intended access restriction in psi/zdevice2.c bsc1117327 - CVE-2018-19476: Fixed bypass of an intended access restriction in psi/zicc.c bsc1117313 - CVE-2018-19477:...

SUSE-SU-2018:4087-1 Security update for ghostscript

This update for ghostscript to version 9.26 fixes the following issues: Security issues fixed: - CVE-2018-19475: Fixed bypass of an intended access restriction in psi/zdevice2.c bsc1117327 - CVE-2018-19476: Fixed bypass of an intended access restriction in psi/zicc.c bsc1117313 - CVE-2018-19477:...

The vulnerability of the set_text_distance function in the pdfwrite component of the software for processing, transforming, and generating Ghostscript documents allows a hacker to trigger a service failure.

The vulnerability of the settextdistance function in the pdfwrite component of the Ghostscrip software suite for document processing, conversion, and generation is related to an error that causes an attempt to output an infinite number of items. Exploiting this vulnerability could allow a malicio...

EulerOS 2.0 SP3 : ghostscript (EulerOS-SA-2018-1404)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ghostscript: /invalidaccess bypass after failed restore.CVE-2018-16509 - ghostscript: LockDistillerParams type confusion.CVE-2018-15910 -...

CentOS 6 : ghostscript (CESA-2018:3760)

An update for ghostscript is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

CentOS Update for ghostscript CESA-2018:3760 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OracleVM 3.3 / 3.4 : ghostscript (OVMSA-2018-0285)

The remote OracleVM system is missing necessary patches to address critical security updates : - It was found that the fix for CVE-2018-16509 was not complete, the missing pieces added into ghostscript-CVE-2018-16509.patch - Resolves: 1641124 - CVE-2018-16509 ghostscript: /invalidaccess bypass...