Synopsis: Low: ghostscript security, bug fix, and enhancement update Advisory ID: SLSA-2019:2281-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2018-11645 -- The following packages have been upgraded to a later upstream version: ghostscript (9.25). Security Fix(es): * ghostscript: status command permitted with -dSAFER in psi/zfile.c allowing attackers to identify the size and existence of files (CVE-2018-11645) -- SL7 x86_64 ghostscript-9.25-2.el7.i686.rpm libgs-9.25-2.el7.x86_64.rpm ghostscript-9.25-2.el7.x86_64.rpm libgs-9.25-2.el7.i686.rpm ghostscript-cups-9.25-2.el7.x86_64.rpm ghostscript-doc-9.25-2.el7.noarch.rpm ghostscript-gtk-9.25-2.el7.x86_64.rpm libgs-devel-9.25-2.el7.i686.rpm libgs-devel-9.25-2.el7.x86_64.rpm ghostscript-debuginfo-9.25-2.el7.i686.rpm ghostscript-debuginfo-9.25-2.el7.x86_64.rpm noarch ghostscript-doc-9.25-2.el7.noarch.rpm - Scientific Linux Development Team