Print

Print


    Synopsis: Important: ghostscript security update
    Advisory ID:       SLSA-2019:2586-1
    Issue Date:        2019-09-03
    CVE Numbers:       CVE-2019-14813
                       CVE-2019-14812
                       CVE-2019-14811
                       CVE-2019-14817
    --
    
    Security Fix(es):
    
    * ghostscript: Safer mode bypass by .forceput exposure in
    .pdf_hook_DSC_Creator (701445) (CVE-2019-14811)
    
    * ghostscript: Safer mode bypass by .forceput exposure in setuserparams
    (701444) (CVE-2019-14812)
    
    * ghostscript: Safer mode bypass by .forceput exposure in setsystemparams
    (701443) (CVE-2019-14813)
    
    * ghostscript: Safer mode bypass by .forceput exposure in .pdfexectoken
    and other procedures (701450) (CVE-2019-14817)
    --
    
    SL7
      x86_64
        ghostscript-9.25-2.el7_7.2.i686.rpm
        ghostscript-9.25-2.el7_7.2.x86_64.rpm
        ghostscript-cups-9.25-2.el7_7.2.x86_64.rpm
        ghostscript-debuginfo-9.25-2.el7_7.2.i686.rpm
        ghostscript-debuginfo-9.25-2.el7_7.2.x86_64.rpm
        libgs-9.25-2.el7_7.2.i686.rpm
        libgs-9.25-2.el7_7.2.x86_64.rpm
        ghostscript-gtk-9.25-2.el7_7.2.x86_64.rpm
        libgs-devel-9.25-2.el7_7.2.i686.rpm
        libgs-devel-9.25-2.el7_7.2.x86_64.rpm
      noarch
        ghostscript-doc-9.25-2.el7_7.2.noarch.rpm
    
    - Scientific Linux Development Team