[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

CESA-2019:0229 -- centos 7 ghostscript

ID: oval:org.secpod.oval:def:205157Date: (C)2019-02-11   (M)2023-12-20
Class: PATCHFamily: unix




The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * ghostscript: use-after-free in copydevice handling * ghostscript: access bypass in psi/zdevice2.c * ghostscript: access bypass in psi/zicc.c * ghostscript: access bypass in psi/zfjbig2.c * ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Red Hat would like to thank Tavis Ormandy for reporting CVE-2019-6116. Bug Fix: * Previously, ghostscript-9.07-31.el7_6.1 introduced a regression during the standard input reading, causing a "/invalidfileaccess in --run--" error. With this update, the regression has been fixed and the described error no longer occurs

Platform:
CentOS 7
Product:
ghostscript
Reference:
CESA-2019:0229
CVE-2018-16540
CVE-2018-19475
CVE-2018-19476
CVE-2018-19477
CVE-2019-6116
CVE    5
CVE-2018-19477
CVE-2018-19476
CVE-2018-19475
CVE-2019-6116
...
CPE    2
cpe:/o:centos:centos:7
cpe:/a:ghostscript:ghostscript

© SecPod Technologies