Synopsis: Important: ghostscript security update
Advisory ID:       SLSA-2018:3760-1
Issue Date:        2018-12-04
CVE Numbers:       CVE-2018-16509
--

Security Fix(es):

* It was discovered that the ghostscript /invalidaccess checks fail under
certain conditions. An attacker could possibly exploit this to bypass the
- -dSAFER protection and, for example, execute arbitrary shell commands
via a specially crafted PostScript document. (CVE-2018-16509)
--

SL6
  x86_64
    ghostscript-8.70-24.el6_10.2.i686.rpm
    ghostscript-8.70-24.el6_10.2.x86_64.rpm
    ghostscript-debuginfo-8.70-24.el6_10.2.i686.rpm
    ghostscript-debuginfo-8.70-24.el6_10.2.x86_64.rpm
    ghostscript-devel-8.70-24.el6_10.2.i686.rpm
    ghostscript-devel-8.70-24.el6_10.2.x86_64.rpm
    ghostscript-doc-8.70-24.el6_10.2.x86_64.rpm
    ghostscript-gtk-8.70-24.el6_10.2.x86_64.rpm
  i386
    ghostscript-8.70-24.el6_10.2.i686.rpm
    ghostscript-debuginfo-8.70-24.el6_10.2.i686.rpm
    ghostscript-devel-8.70-24.el6_10.2.i686.rpm
    ghostscript-doc-8.70-24.el6_10.2.i686.rpm
    ghostscript-gtk-8.70-24.el6_10.2.i686.rpm

- Scientific Linux Development Team