Synopsis: Low: ghostscript security, bug fix, and enhancement update
Advisory ID: SLSA-2019:2281-1
Issue Date: 2019-08-06
CVE Numbers: CVE-2018-11645
—
The following packages have been upgraded to a later upstream version:
ghostscript (9.25).
Security Fix(es):
* ghostscript: status command permitted with -dSAFER in psi/zfile.c
allowing attackers to identify the size and existence of files
(CVE-2018-11645)
—
SL7
x86_64
ghostscript-9.25-2.el7.i686.rpm
libgs-9.25-2.el7.x86_64.rpm
ghostscript-9.25-2.el7.x86_64.rpm
libgs-9.25-2.el7.i686.rpm
ghostscript-cups-9.25-2.el7.x86_64.rpm
ghostscript-doc-9.25-2.el7.noarch.rpm
ghostscript-gtk-9.25-2.el7.x86_64.rpm
libgs-devel-9.25-2.el7.i686.rpm
libgs-devel-9.25-2.el7.x86_64.rpm
ghostscript-debuginfo-9.25-2.el7.i686.rpm
ghostscript-debuginfo-9.25-2.el7.x86_64.rpm
noarch
ghostscript-doc-9.25-2.el7.noarch.rpm
– Scientific Linux Development Team
