Synopsis: Important: ghostscript security update
Advisory ID: SLSA-2018:3650-1
Issue Date: 2018-11-27
CVE Numbers: CVE-2018-15908
CVE-2018-16511
CVE-2018-15909
CVE-2018-16539
—
Security Fix(es):
* ghostscript: .tempfile file permission issues (699657) (CVE-2018-15908)
* ghostscript: shading_param incomplete type checking (699660)
(CVE-2018-15909)
* ghostscript: missing type check in type checker (699659)
(CVE-2018-16511)
* ghostscript: incorrect access checking in temp file handling to disclose
contents of files (699658) (CVE-2018-16539)
—
SL7
x86_64
ghostscript-9.07-31.el7_6.1.i686.rpm
ghostscript-9.07-31.el7_6.1.x86_64.rpm
ghostscript-cups-9.07-31.el7_6.1.x86_64.rpm
ghostscript-debuginfo-9.07-31.el7_6.1.i686.rpm
ghostscript-debuginfo-9.07-31.el7_6.1.x86_64.rpm
ghostscript-devel-9.07-31.el7_6.1.i686.rpm
ghostscript-devel-9.07-31.el7_6.1.x86_64.rpm
ghostscript-gtk-9.07-31.el7_6.1.x86_64.rpm
ghostscript-9.07-31.el7_6.1.src.rpm
noarch
ghostscript-doc-9.07-31.el7_6.1.noarch.rpm
– Scientific Linux Development Team
