[El-errata] ELSA-2017-2180 Low: Oracle Linux 7 ghostscript security and bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Aug 8 13:52:08 PDT 2017


Oracle Linux Security Advisory ELSA-2017-2180

http://linux.oracle.com/errata/ELSA-2017-2180.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
ghostscript-9.07-28.el7.i686.rpm
ghostscript-9.07-28.el7.x86_64.rpm
ghostscript-cups-9.07-28.el7.x86_64.rpm
ghostscript-devel-9.07-28.el7.i686.rpm
ghostscript-devel-9.07-28.el7.x86_64.rpm
ghostscript-doc-9.07-28.el7.noarch.rpm
ghostscript-gtk-9.07-28.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ghostscript-9.07-28.el7.src.rpm



Description of changes:

[9.07-28]
- Security fix for CVE-2017-8291 updated to address SIGSEGV

[9.07-27]
- Added security fix for CVE-2017-8291 (bug #1446063)

[9.07-26]
- Updated requirements for lcms2 to avoid possible issues in the future

[9.07-25]
- Added security fix for CVE-2017-7207 (bug #1434353)
- Added explicit requirement for lcms2 version we are build with (bug 
#1436273)

[9.07-24]
- Fix infinite 'for' loop in gdevp14.c file (bug #1424752)

[9.07-23]
- Fix for regression caused by previous CVE fixes (bug #1411725)

[9.07-22]
- Fix of SIGSEGV in cid_font_data_param when using ps2pdf (bug #1390847)

[9.07-21]
- Added security fixes for:
   - CVE-2013-5653 (bug #1380327)
   - CVE-2016-7977 (bug #1380415)
   - CVE-2016-7978 (bug #1382300)
   - CVE-2016-7979 (bug #1382305)
   - CVE-2016-8602 (bug #1383940)





More information about the El-errata mailing list