Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 564
Alerts This Week
Warning Icon 1 564

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 352 articles for you...
100

SUSE Ghostscript Moderate Threat Fix Denial of Service 2026-21363-1

An update that solves six vulnerabilities can now be installed.. # Security update for ghostscript Announcement ID: SUSE-SU-2026:21363-1 Release Date: 2026-04-21T09:49:39Z Rating: moderate References: * bsc#1243701 * bsc#1245896 * bsc#1250353 * bsc#1250354 * bsc#1250355 * bsc#1257699 Cross-References: * CVE-2025-46646 * CVE-2025-48708 * CVE-2025-59798 * CVE-2025-59799 * CVE-2025-59800 * CVE-2025-59801 CVSS scores: * CVE-2025-46646 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-46646 ( NVD ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N * CVE-2025-48708 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-48708 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-48708 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-59798 ( SUSE ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59798 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59798 ( NVD ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59799 ( SUSE ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59799 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59799 ( NVD ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59800 ( SUSE ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59800 ( NVD ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59800 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59801 ( NVD ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for ghostscript fixes the following issues: Update to version 10.06.0. Security issues fixed: * CVE-2025-59800: an integer overflow can lead to a heap-based buffer overflow inocr_line8 (bsc#1250355). * CVE-2025-59799: a large size value can cause a stack-based buffer overflow in pdfmark_coerce_dest (bsc#1250354). * CVE-2025-59798: stack-based buffer overflow in pdf_write_cmap can lead to a denial-of-service (bsc#1250353). * CVE-2025-48708: lacks of argument sanitization may lead to password disclosure (bsc#1243701). * CVE-2025-46646: mishandling of overlong utf-8 encoding in artifex ghostscript's decode_utf8 function (bsc#1257699). Other updates and bugfixes: * switch over to libalternatives for ghostscript to provide a gs variant (bsc#1245896) * Version upgrade to 10.06.0: * removes the non-standard operator "selectdevice" (cf. the entry below dated Tue Apr 1 09:56:06 UTC 2025) * Version upgrade to 10.05.1: * an overflow issue in Freetype on platforms where long is a 4 byte (rather than 8 byte) type (Microsoft Windows, for example) causing corrupted glyph rendering at higher resolutions * an issue with embedded files, affecting Zugferd format PDF creation. * broken logic in PDF Optional Content processing * potential slow down due to searching for identifiable font files * a small number of extreme edge case segmentation faults. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-602=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-602=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * ghostscript-x11-debuginfo-10.06.0-160000.1.1 * ghostscript-devel-10.06.0-160000.1.1 * ghostscript-debugsource-10.06.0-160000.1.1 * ghostscript-10.06.0-160000.1.1 * ghostscript-x11-10.06.0-160000.1.1 * ghostscript-debuginfo-10.06.0-160000.1.1 * SUSE Linux Enterprise Server 16.0(aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-10.06.0-160000.1.1 * ghostscript-devel-10.06.0-160000.1.1 * ghostscript-debugsource-10.06.0-160000.1.1 * ghostscript-10.06.0-160000.1.1 * ghostscript-x11-10.06.0-160000.1.1 * ghostscript-debuginfo-10.06.0-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-46646.html * https://www.suse.com/security/cve/CVE-2025-48708.html * https://www.suse.com/security/cve/CVE-2025-59798.html * https://www.suse.com/security/cve/CVE-2025-59799.html * https://www.suse.com/security/cve/CVE-2025-59800.html * https://www.suse.com/security/cve/CVE-2025-59801.html * https://bugzilla.suse.com/show_bug.cgi?id=1243701 * https://bugzilla.suse.com/show_bug.cgi?id=1245896 * https://bugzilla.suse.com/show_bug.cgi?id=1250353 * https://bugzilla.suse.com/show_bug.cgi?id=1250354 * https://bugzilla.suse.com/show_bug.cgi?id=1250355 * https://bugzilla.suse.com/show_bug.cgi?id=1257699 . Update for Ghostscript addresses six issues, enhancing security for SUSE users with moderate threats and fixes.. SUSE Ghostscript Update Moderate Buffer Overflow Denial of Service. . LinuxSecurity.com Team

Calendar%202 Apr 28, 2026 SuSE
89

Fedora 42 ghostscript Critical Security Issues CVE-2025-59798

security fix for CVE-2025-59798, CVE-2025-59799, CVE-2025-59800 (fedora#2431544, fedora#2431548, fedora#2431546). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-d7cbd53e55 2026-01-27 06:42:28.827106+00:00 -------------------------------------------------------------------------------- Name : ghostscript Product : Fedora 42 Version : 10.05.1 Release : 6.fc42 URL : https://ghostscript.com/ Summary : Interpreter for PostScript language & PDF Description : This package provides useful conversion utilities based on Ghostscript software, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Systems' PostScript (PS) and Portable Document Format (PDF) page description languages. Its primary purpose includes displaying (rasterization & rendering) and printing of document pages, as well as conversions between different document formats. -------------------------------------------------------------------------------- Update Information: security fix for CVE-2025-59798, CVE-2025-59799, CVE-2025-59800 (fedora#2431544, fedora#2431548, fedora#2431546) -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 21 2026 Zdenek Dohnal - 10.05.1-6 - security fix for CVE-2025-59798, CVE-2025-59799, CVE-2025-59800 (fedora#2431544, fedora#2431548, fedora#2431546) * Wed Jul 23 2025 Fedora Release Engineering - 10.05.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2431545 - CVE-2025-59798 ghostscript: From CVEorg collector [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431545 [ 2 ] Bug #2431547 - CVE-2025-59800 ghostscript: From CVEorg collector [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431547 [ 3 ] Bug #2431549 - CVE-2025-59799 ghostscript: From CVEorg collector [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2431549 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-d7cbd53e55' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical security fix for ghostscript vulnerabilities CVE-2025-59798, CVE-2025-59799, and CVE-2025-59800 on Fedora 42.. ghostscript security update Fedora vulnerabilities patch. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jan 27, 2026 Critical Fedora
89

Fedora 43 Ghostscript Important Security Fix CVE-2025-59798 and Others

security fix for CVE-2025-59798, CVE-2025-59799, CVE-2025-59800 (fedora#2431544, fedora#2431548, fedora#2431546). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-c60e345359 2026-01-23 00:54:29.972552+00:00 -------------------------------------------------------------------------------- Name : ghostscript Product : Fedora 43 Version : 10.05.1 Release : 6.fc43 URL : https://ghostscript.com/ Summary : Interpreter for PostScript language & PDF Description : This package provides useful conversion utilities based on Ghostscript software, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Systems' PostScript (PS) and Portable Document Format (PDF) page description languages. Its primary purpose includes displaying (rasterization & rendering) and printing of document pages, as well as conversions between different document formats. -------------------------------------------------------------------------------- Update Information: security fix for CVE-2025-59798, CVE-2025-59799, CVE-2025-59800 (fedora#2431544, fedora#2431548, fedora#2431546) -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 21 2026 Zdenek Dohnal - 10.05.1-6 - security fix for CVE-2025-59798, CVE-2025-59799, CVE-2025-59800 (fedora#2431544, fedora#2431548, fedora#2431546) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2431544 - CVE-2025-59798 ghostscript: From CVEorg collector [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431544 [ 2 ] Bug #2431546 - CVE-2025-59800 ghostscript: From CVEorg collector [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431546 [ 3 ] Bug #2431548 - CVE-2025-59799 ghostscript: From CVEorg collector [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2431548 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-c60e345359' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . This advisory details security fixes for Ghostscript vulnerabilities including CVE-2025-59798 and related issues.. Fedora updates, Ghostscript issues, security patch, software vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jan 23, 2026 Important Fedora
172

Ubuntu 20.04: Ghostscript Important DoS Vulnerability USN-7904-1

Ghostscript could be made to crash if it wrote certain files.. ========================================================================== Ubuntu Security Notice USN-7904-1 December 03, 2025 ghostscript vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Ghostscript could be made to crash if it wrote certain files. Software Description: - ghostscript: PostScript and PDF interpreter Details: Piotr Kajda discovered that Ghostscript incorrectly handled writing certain files. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS ghostscript 9.50~dfsg-5ubuntu4.15+esm2 Available with Ubuntu Pro libgs9 9.50~dfsg-5ubuntu4.15+esm2 Available with Ubuntu Pro Ubuntu 18.04 LTS ghostscript 9.26~dfsg+0-0ubuntu0.18.04.18+esm5 Available with Ubuntu Pro libgs9 9.26~dfsg+0-0ubuntu0.18.04.18+esm5 Available with Ubuntu Pro Ubuntu 16.04 LTS ghostscript 9.26~dfsg+0-0ubuntu0.16.04.14+esm10 Available with Ubuntu Pro libgs9 9.26~dfsg+0-0ubuntu0.16.04.14+esm10 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7904-1 CVE-2025-59798, CVE-2025-59799 . Ghostscript's improper file handling could lead to crashes. Immediate update is recommended for Ubuntu systems.. Ghostscript Update, Ubuntu Ghostscript, Denial of Service,Ghostscript Vulnerability. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Dec 03, 2025 Important Ubuntu
202

openSUSE: ghostscript Moderate Buffer Overflow Vuln 2025:4148-1

An update that solves two vulnerabilities can now be installed.. # Security update for ghostscript Announcement ID: SUSE-SU-2025:4148-1 Release Date: 2025-11-20T10:14:39Z Rating: moderate References: * bsc#1250353 * bsc#1250354 Cross-References: * CVE-2025-59798 * CVE-2025-59799 CVSS scores: * CVE-2025-59798 ( SUSE ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59798 ( NVD ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59798 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59799 ( SUSE ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59799 ( NVD ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59799 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for ghostscript fixes the following issues: * CVE-2025-59798: Fixed stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c. (bsc#1250353) * CVE-2025-59799: Fixed stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value. (bsc#1250354) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-4148=1 * Basesystem Module 15-SP6 zypper in -t patchSUSE-SLE-Module-Basesystem-15-SP6-2025-4148=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-4148=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.211.1 * ghostscript-debuginfo-9.52-150000.211.1 * ghostscript-devel-9.52-150000.211.1 * ghostscript-9.52-150000.211.1 * ghostscript-debugsource-9.52-150000.211.1 * ghostscript-x11-9.52-150000.211.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.211.1 * ghostscript-debuginfo-9.52-150000.211.1 * ghostscript-devel-9.52-150000.211.1 * ghostscript-9.52-150000.211.1 * ghostscript-debugsource-9.52-150000.211.1 * ghostscript-x11-9.52-150000.211.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.211.1 * ghostscript-debuginfo-9.52-150000.211.1 * ghostscript-devel-9.52-150000.211.1 * ghostscript-9.52-150000.211.1 * ghostscript-debugsource-9.52-150000.211.1 * ghostscript-x11-9.52-150000.211.1 ## References: * https://www.suse.com/security/cve/CVE-2025-59798.html * https://www.suse.com/security/cve/CVE-2025-59799.html * https://bugzilla.suse.com/show_bug.cgi?id=1250353 * https://bugzilla.suse.com/show_bug.cgi?id=1250354 . This advisory details the moderate security update for ghostscript on openSUSE addressing buffer overflow issues.. openSUSE Security Advisory, ghostscript Update, Moderate Severity, Buffer Overflow Fix. . LinuxSecurity.com Team

Calendar%202 Nov 20, 2025 OpenSUSE
100

SUSE: Ghostscript Moderate Buffer Overflow Vuln 2025:4148-1 CVE-2025-59798

* bsc#1250353 * bsc#1250354 Cross-References: * CVE-2025-59798 . # Security update for ghostscript Announcement ID: SUSE-SU-2025:4148-1 Release Date: 2025-11-20T10:14:39Z Rating: moderate References: * bsc#1250353 * bsc#1250354 Cross-References: * CVE-2025-59798 * CVE-2025-59799 CVSS scores: * CVE-2025-59798 ( SUSE ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59798 ( NVD ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59798 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59799 ( SUSE ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59799 ( NVD ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59799 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for ghostscript fixes the following issues: * CVE-2025-59798: Fixed stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c. (bsc#1250353) * CVE-2025-59799: Fixed stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value. (bsc#1250354) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-4148=1 * Basesystem Module 15-SP6 zypper in -t patchSUSE-SLE-Module-Basesystem-15-SP6-2025-4148=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-4148=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.211.1 * ghostscript-debuginfo-9.52-150000.211.1 * ghostscript-devel-9.52-150000.211.1 * ghostscript-9.52-150000.211.1 * ghostscript-debugsource-9.52-150000.211.1 * ghostscript-x11-9.52-150000.211.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.211.1 * ghostscript-debuginfo-9.52-150000.211.1 * ghostscript-devel-9.52-150000.211.1 * ghostscript-9.52-150000.211.1 * ghostscript-debugsource-9.52-150000.211.1 * ghostscript-x11-9.52-150000.211.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.211.1 * ghostscript-debuginfo-9.52-150000.211.1 * ghostscript-devel-9.52-150000.211.1 * ghostscript-9.52-150000.211.1 * ghostscript-debugsource-9.52-150000.211.1 * ghostscript-x11-9.52-150000.211.1 ## References: * https://www.suse.com/security/cve/CVE-2025-59798.html * https://www.suse.com/security/cve/CVE-2025-59799.html * https://bugzilla.suse.com/show_bug.cgi?id=1250353 * https://bugzilla.suse.com/show_bug.cgi?id=1250354 . Two buffer overflow issues in Ghostscript resolved through SUSE's latest moderate security update.. Ghostscript, Buffer Overflow, SUSE Update, Security Fix, Linux System. . LinuxSecurity.com Team

Calendar%202 Nov 20, 2025 SuSE
100

SUSE: Ghostscript Moderate Buff Overflow Vulnerability 2025:4125-1

* bsc#1250353 * bsc#1250354 Cross-References: * CVE-2025-59798 . # Security update for ghostscript Announcement ID: SUSE-SU-2025:4125-1 Release Date: 2025-11-18T09:35:13Z Rating: moderate References: * bsc#1250353 * bsc#1250354 Cross-References: * CVE-2025-59798 * CVE-2025-59799 CVSS scores: * CVE-2025-59798 ( SUSE ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59798 ( NVD ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59798 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59799 ( SUSE ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59799 ( NVD ): 4.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-59799 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for ghostscript fixes the following issues: * CVE-2025-59798: Fixed stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c. (bsc#1250353) * CVE-2025-59799: Fixed stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value. (bsc#1250354) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-4125=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * ghostscript-9.52-23.97.1 * ghostscript-x11-debuginfo-9.52-23.97.1 * ghostscript-devel-9.52-23.97.1 * ghostscript-x11-9.52-23.97.1 * ghostscript-debuginfo-9.52-23.97.1 *ghostscript-debugsource-9.52-23.97.1 ## References: * https://www.suse.com/security/cve/CVE-2025-59798.html * https://www.suse.com/security/cve/CVE-2025-59799.html * https://bugzilla.suse.com/show_bug.cgi?id=1250353 * https://bugzilla.suse.com/show_bug.cgi?id=1250354 . An update for ghostscript addresses two moderate vulnerabilities including stack-based buffer overflows in SUSE.. SUSE update, ghostscript security, buffer overflow patch, Linux vulnerabilities. . LinuxSecurity.com Team

Calendar%202 Nov 18, 2025 SuSE
197

Debian LTS: Ghostscript Medium Buffer Overflow CVE-2025-7462 DLA-4330-1

Multiple vulnerabilities were discovered in ghostcript, an interpreter for the PostScript language and PDF. CVE-2025-7462 . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4330-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Abhijith PA October 14, 2025 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : ghostscript Version : 9.53.3~dfsg-7+deb11u11 CVE ID : CVE-2025-7462 CVE-2025-59798 CVE-2025-59799 Multiple vulnerabilities were discovered in ghostcript, an interpreter for the PostScript language and PDF. CVE-2025-7462 Function pdf_ferror of the file devices/vector/gdevpdf.c of the component New Output File Open Error Handler. The manipulation leads to null pointer dereference. It is possible to initiate the attack remotely. CVE-2025-59798 A stack-based buffer overflow in pdf_write_cmap in devices/vector/gdevpdtw.c. CVE-2025-59799 a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value. For Debian 11 bullseye, these problems have been fixed in version 9.53.3~dfsg-7+deb11u11. We recommend that you upgrade your ghostscript packages. For the detailed security status of ghostscript please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/ghostscript Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Discover the security update DLA-4330-1 for Ghostscript addressing multiple vulnerabilities impacting Debian systems. Upgrade recommended.. Debian LTS, Ghostscript, Security Update, CVE-2025-7462. . Severity: Medium. LinuxSecurity.com Team

Calendar%202 Oct 14, 2025 Medium Debian LTS
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200