ghostscript (SL6, SL7)

By Scientific Linux Team on May 12, 2017

Synopsis: Important: ghostscript security update
Advisory ID: SLSA-2017:1230-1
Issue Date: 2017-05-12
CVE Numbers: CVE-2017-8291

Security Fix(es):

* It was found that ghostscript did not properly validate the parameters
passed to the .rsdparams and .eqproc functions. During its execution, a
specially crafted PostScript document could execute code in the context of
the ghostscript process, bypassing the -dSAFER protection. (CVE-2017-8291)

SL6
x86_64
ghostscript-8.70-23.el6_9.2.i686.rpm
ghostscript-8.70-23.el6_9.2.x86_64.rpm
ghostscript-debuginfo-8.70-23.el6_9.2.i686.rpm
ghostscript-debuginfo-8.70-23.el6_9.2.x86_64.rpm
ghostscript-devel-8.70-23.el6_9.2.i686.rpm
ghostscript-devel-8.70-23.el6_9.2.x86_64.rpm
ghostscript-doc-8.70-23.el6_9.2.x86_64.rpm
ghostscript-gtk-8.70-23.el6_9.2.x86_64.rpm
i386
ghostscript-8.70-23.el6_9.2.i686.rpm
ghostscript-debuginfo-8.70-23.el6_9.2.i686.rpm
ghostscript-devel-8.70-23.el6_9.2.i686.rpm
ghostscript-doc-8.70-23.el6_9.2.i686.rpm
ghostscript-gtk-8.70-23.el6_9.2.i686.rpm
SL7
x86_64
ghostscript-9.07-20.el7_3.5.i686.rpm
ghostscript-9.07-20.el7_3.5.x86_64.rpm
ghostscript-cups-9.07-20.el7_3.5.x86_64.rpm
ghostscript-debuginfo-9.07-20.el7_3.5.i686.rpm
ghostscript-debuginfo-9.07-20.el7_3.5.x86_64.rpm
ghostscript-devel-9.07-20.el7_3.5.i686.rpm
ghostscript-devel-9.07-20.el7_3.5.x86_64.rpm
ghostscript-gtk-9.07-20.el7_3.5.x86_64.rpm
noarch
ghostscript-doc-9.07-20.el7_3.5.noarch.rpm

– Scientific Linux Development Team