[El-errata] ELSA-2025-7499 Moderate: Oracle Linux 10 ghostscript security update

Tue Jul 1 05:21:25 UTC 2025

Oracle Linux Security Advisory ELSA-2025-7499

http://linux.oracle.com/errata/ELSA-2025-7499.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
ghostscript-10.02.1-16.el10_0.x86_64.rpm
ghostscript-doc-10.02.1-16.el10_0.noarch.rpm
ghostscript-tools-dvipdf-10.02.1-16.el10_0.noarch.rpm
ghostscript-tools-fonts-10.02.1-16.el10_0.noarch.rpm
ghostscript-tools-printing-10.02.1-16.el10_0.noarch.rpm
libgs-10.02.1-16.el10_0.x86_64.rpm
libgs-devel-10.02.1-16.el10_0.x86_64.rpm

aarch64:
ghostscript-10.02.1-16.el10_0.aarch64.rpm
ghostscript-doc-10.02.1-16.el10_0.noarch.rpm
ghostscript-tools-dvipdf-10.02.1-16.el10_0.noarch.rpm
ghostscript-tools-fonts-10.02.1-16.el10_0.noarch.rpm
ghostscript-tools-printing-10.02.1-16.el10_0.noarch.rpm
libgs-10.02.1-16.el10_0.aarch64.rpm
libgs-devel-10.02.1-16.el10_0.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/ghostscript-10.02.1-16.el10_0.src.rpm

Related CVEs:

CVE-2024-46951
CVE-2024-46952
CVE-2024-46953
CVE-2024-46954
CVE-2024-46956

Description of changes:

[10.02.1-16]
- RHEL-88964 CVE-2025-27832 ghostscript: NPDL device: Compression buffer overflow

[10.02.1-15]
- RHEL-67044 CVE-2024-46951 ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space
- RHEL-67050 CVE-2024-46952 ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling
- RHEL-67050 CVE-2024-46954 ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding
- RHEL-67050 CVE-2024-46953 ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript
- RHEL-67050 CVE-2024-46956 ghostscript: Out-of-Bounds Data Access in Ghostscript Leads to Arbitrary Code Execution