Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 547
Alerts This Week
Warning Icon 1 547

SciLinux: SLSA-2018-3650-1 Critical Access Check Issues in Ghostscript

Scientific Large Esm H446
ghostscript: .tempfile file permission issues (699657) (CVE-2018-15908) * ghostscript: shading_param incomplete type checking (699660) (CVE-2018-15909) * ghostscript: missing type check in type checker (699659) (CVE-2018-16511) * ghostscript: incorrect access checking in temp file handling to disclose contents of files (699658) (CVE-2018-16539) SL7 x86_64 ghostscript-9.07-31.el7_6.1. [More...]
Synopsis: Important: ghostscript security update
Advisory ID:       SLSA-2018:3650-1
Issue Date:        2018-11-27
CVE Numbers:       CVE-2018-15908
                   CVE-2018-16511
                   CVE-2018-15909
                   CVE-2018-16539
--

Security Fix(es):

* ghostscript: .tempfile file permission issues (699657) (CVE-2018-15908)

* ghostscript: shading_param incomplete type checking (699660)
(CVE-2018-15909)

* ghostscript: missing type check in type checker (699659)
(CVE-2018-16511)

* ghostscript: incorrect access checking in temp file handling to disclose
contents of files (699658) (CVE-2018-16539)
--

SL7
  x86_64
    ghostscript-9.07-31.el7_6.1.i686.rpm
    ghostscript-9.07-31.el7_6.1.x86_64.rpm
    ghostscript-cups-9.07-31.el7_6.1.x86_64.rpm
    ghostscript-debuginfo-9.07-31.el7_6.1.i686.rpm
    ghostscript-debuginfo-9.07-31.el7_6.1.x86_64.rpm
    ghostscript-devel-9.07-31.el7_6.1.i686.rpm
    ghostscript-devel-9.07-31.el7_6.1.x86_64.rpm
    ghostscript-gtk-9.07-31.el7_6.1.x86_64.rpm
    ghostscript-9.07-31.el7_6.1.src.rpm
  noarch
    ghostscript-doc-9.07-31.el7_6.1.noarch.rpm

- Scientific Linux Development Team