Synopsis: Important: ghostscript security update Advisory ID: SLSA-2017:1230-1 Issue Date: 2017-05-12 CVE Numbers: CVE-2017-8291 -- Security Fix(es): * It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscript process, bypassing the -dSAFER protection. (CVE-2017-8291) -- SL6 x86_64 ghostscript-8.70-23.el6_9.2.i686.rpm ghostscript-8.70-23.el6_9.2.x86_64.rpm ghostscript-debuginfo-8.70-23.el6_9.2.i686.rpm ghostscript-debuginfo-8.70-23.el6_9.2.x86_64.rpm ghostscript-devel-8.70-23.el6_9.2.i686.rpm ghostscript-devel-8.70-23.el6_9.2.x86_64.rpm ghostscript-doc-8.70-23.el6_9.2.x86_64.rpm ghostscript-gtk-8.70-23.el6_9.2.x86_64.rpm i386 ghostscript-8.70-23.el6_9.2.i686.rpm ghostscript-debuginfo-8.70-23.el6_9.2.i686.rpm ghostscript-devel-8.70-23.el6_9.2.i686.rpm ghostscript-doc-8.70-23.el6_9.2.i686.rpm ghostscript-gtk-8.70-23.el6_9.2.i686.rpm SL7 x86_64 ghostscript-9.07-20.el7_3.5.i686.rpm ghostscript-9.07-20.el7_3.5.x86_64.rpm ghostscript-cups-9.07-20.el7_3.5.x86_64.rpm ghostscript-debuginfo-9.07-20.el7_3.5.i686.rpm ghostscript-debuginfo-9.07-20.el7_3.5.x86_64.rpm ghostscript-devel-9.07-20.el7_3.5.i686.rpm ghostscript-devel-9.07-20.el7_3.5.x86_64.rpm ghostscript-gtk-9.07-20.el7_3.5.x86_64.rpm noarch ghostscript-doc-9.07-20.el7_3.5.noarch.rpm - Scientific Linux Development Team