Synopsis: Important: ghostscript security update Advisory ID: SLSA-2018:3650-1 Issue Date: 2018-11-27 CVE Numbers: CVE-2018-15908 CVE-2018-16511 CVE-2018-15909 CVE-2018-16539 -- Security Fix(es): * ghostscript: .tempfile file permission issues (699657) (CVE-2018-15908) * ghostscript: shading_param incomplete type checking (699660) (CVE-2018-15909) * ghostscript: missing type check in type checker (699659) (CVE-2018-16511) * ghostscript: incorrect access checking in temp file handling to disclose contents of files (699658) (CVE-2018-16539) -- SL7 x86_64 ghostscript-9.07-31.el7_6.1.i686.rpm ghostscript-9.07-31.el7_6.1.x86_64.rpm ghostscript-cups-9.07-31.el7_6.1.x86_64.rpm ghostscript-debuginfo-9.07-31.el7_6.1.i686.rpm ghostscript-debuginfo-9.07-31.el7_6.1.x86_64.rpm ghostscript-devel-9.07-31.el7_6.1.i686.rpm ghostscript-devel-9.07-31.el7_6.1.x86_64.rpm ghostscript-gtk-9.07-31.el7_6.1.x86_64.rpm ghostscript-9.07-31.el7_6.1.src.rpm noarch ghostscript-doc-9.07-31.el7_6.1.noarch.rpm - Scientific Linux Development Team