[El-errata] ELSA-2018-3834 Important: Oracle Linux 7 ghostscript security and bug fix update

[Errata Announcements for Oracle Linux]

Oracle Linux Security Advisory ELSA-2018-3834

http://linux.oracle.com/errata/ELSA-2018-3834.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
ghostscript-9.07-31.el7_6.6.i686.rpm
ghostscript-9.07-31.el7_6.6.x86_64.rpm
ghostscript-cups-9.07-31.el7_6.6.x86_64.rpm
ghostscript-devel-9.07-31.el7_6.6.i686.rpm
ghostscript-devel-9.07-31.el7_6.6.x86_64.rpm
ghostscript-doc-9.07-31.el7_6.6.noarch.rpm
ghostscript-gtk-9.07-31.el7_6.6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ghostscript-9.07-31.el7_6.6.src.rpm



Description of changes:

[9.07-31.el7_6.6]
- Resolves: #1657822 - ghostscript: Regression: Warning: Dropping incorrect
   smooth shading object (Error: /rangecheck in --run--)

[9.07-31.el7_6.5]
- Resolves: #1654621 - CVE-2018-16541 ghostscript: incorrect free logic in
   pagedevice replacement (699664)
- Resolves: #1650210 - CVE-2018-17183 ghostscript: User-writable error
   exception table
- Resolves: #1645516 - CVE-2018-18073 ghostscript: saved execution stacks
   can leak operator arrays
- Resolves: #1648891 - CVE-2018-17961 ghostscript: saved execution stacks
   can leak operator arrays (incomplete fix for CVE-2018-17183)
- Resolves: #1643115 - CVE-2018-18284 ghostscript: 1Policy operator
   allows a sandbox protection bypass
- Resolves: #1655937 - CVE-2018-19134 ghostscript: Type confusion in
   setpattern (700141)

[9.07-31.el7_6.4]
- Resolves: #1651149 - CVE-2018-15911 ghostscript: uninitialized memory
   access in the aesdecode operator (699665)
- Resolves: #1650060 - CVE-2018-16802 ghostscript: Incorrect "restoration of
   privilege" checking when running out of stack during exception handling
- Resolves: #1652935 - CVE-2018-19409 ghostscript: Improperly implemented
   security check in zsetdevice function in psi/zdevice.c