[El-errata] ELSA-2019-0971 Important: Oracle Linux 8 ghostscript security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Aug 1 06:56:16 PDT 2019
Oracle Linux Security Advisory ELSA-2019-0971
http://linux.oracle.com/errata/ELSA-2019-0971.html
The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:
x86_64:
ghostscript-9.25-2.el8_0.1.x86_64.rpm
libgs-9.25-2.el8_0.1.i686.rpm
libgs-9.25-2.el8_0.1.x86_64.rpm
ghostscript-doc-9.25-2.el8_0.1.noarch.rpm
ghostscript-tools-dvipdf-9.25-2.el8_0.1.x86_64.rpm
ghostscript-tools-fonts-9.25-2.el8_0.1.x86_64.rpm
ghostscript-tools-printing-9.25-2.el8_0.1.x86_64.rpm
ghostscript-x11-9.25-2.el8_0.1.x86_64.rpm
libgs-devel-9.25-2.el8_0.1.i686.rpm
libgs-devel-9.25-2.el8_0.1.x86_64.rpm
aarch64:
ghostscript-9.25-2.el8_0.1.aarch64.rpm
libgs-9.25-2.el8_0.1.aarch64.rpm
ghostscript-doc-9.25-2.el8_0.1.noarch.rpm
ghostscript-tools-dvipdf-9.25-2.el8_0.1.aarch64.rpm
ghostscript-tools-fonts-9.25-2.el8_0.1.aarch64.rpm
ghostscript-tools-printing-9.25-2.el8_0.1.aarch64.rpm
ghostscript-x11-9.25-2.el8_0.1.aarch64.rpm
libgs-devel-9.25-2.el8_0.1.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/ghostscript-9.25-2.el8_0.1.src.rpm
Description of changes:
[9.25-2.1]
- Resolves: #1692798 - CVE-2019-3839 ghostscript: missing attack vector
protections for CVE-2019-6116
- Resolves: #1678170 - CVE-2019-3835 ghostscript: superexec operator
is available (700585)
- Resolves: #1691414 - CVE-2019-3838 ghostscript: forceput in DefineResource
is still accessible (700576)
- fix included for ghostscript: Regression: double comment chars
'%' in gs_init.ps leading to missing metadata
- fix for pdf2dsc regression added to allow fix for CVE-2019-3839
More information about the El-errata
mailing list