Synopsis: Important: ghostscript security and bug fix update Advisory ID: SLSA-2019:0633-1 Issue Date: 2019-03-21 CVE Numbers: CVE-2019-3838 CVE-2019-3835 -- Security Fix(es): * ghostscript: superexec operator is available (700585) (CVE-2019-3835) * ghostscript: forceput in DefineResource is still accessible (700576) (CVE-2019-3838) Bug Fix(es): * ghostscript: Regression: double comment chars '%%' in gs_init.ps leading to missing metadata -- SL7 x86_64 ghostscript-9.07-31.el7_6.10.i686.rpm ghostscript-9.07-31.el7_6.10.x86_64.rpm ghostscript-cups-9.07-31.el7_6.10.x86_64.rpm ghostscript-debuginfo-9.07-31.el7_6.10.i686.rpm ghostscript-debuginfo-9.07-31.el7_6.10.x86_64.rpm ghostscript-devel-9.07-31.el7_6.10.i686.rpm ghostscript-devel-9.07-31.el7_6.10.x86_64.rpm ghostscript-gtk-9.07-31.el7_6.10.x86_64.rpm ghostscript-9.07-31.el7_6.10.src.rpm noarch ghostscript-doc-9.07-31.el7_6.10.noarch.rpm - Scientific Linux Development Team