Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 544
Alerts This Week
Warning Icon 1 544

Fedora: Ghostscript Security Advisory for PostScript Files

fedora
Calendar Grey November 7, 2016
Scroller Fedora Esm H88
This patch resolves vulnerabilities in ImageMagick for Ubuntu 20.04, guaranteeing accurate rendering of image formats.
This update fixes a rare ocasion where ghostscript would fail when displaying *.ps files

Summary

Ghostscript is a set of software that provides a PostScript

interpreter, a set of C procedures (the Ghostscript library, which

implements the graphics capabilities in the PostScript language) and

an interpreter for Portable Document Format (PDF) files. Ghostscript

translates PostScript code into many common, bitmapped formats, like

those understood by your printer or screen. Ghostscript is normally

used to display PostScript files and to print PostScript files to

non-PostScript printers.

If you need to display PostScript files or print them to

non-PostScript printers, you should install ghostscript. If you

install ghostscript, you also need to install the ghostscript-fonts

package.

Update Information:

This update fixes a rare ocasion where ghostscript would fail when displaying *.ps files. More info can be found [here](https://bugs.ghostscript.com/show_bug.cgi). ---- This is a security update for these CVEs: * [CVE-2016-8602](https://bugzilla.redhat.com/show_bug.cgi?id=1383940) - *check for sufficient params in .sethalftone5* * [CVE-2016-7977](https://bugzilla.redhat.com/show_bug.cgi?id=1380415) - *.libfile does not honor -dSAFER* [This CVE is now correctly fixed, previous release was accidentally missing the fix.]

Change Log

References


[ 1 ] Bug #1383941 - CVE-2016-8602 ghostscript: check for sufficient params in .sethalftone5 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1383941 [ 2 ] Bug #1380416 - ghostscript: .libfile does not honor -dSAFER [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380416

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade ghostscript' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: ghostscript
Product: Fedora 24
Version: 9.20
Release: 5.fc24
Summary: A PostScript interpreter and renderer

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.