Name: | ghostscript |
Version: | 9.07 |
Release: | 31.el7_6.10 |
Architecture: | i686 |
Group: | Applications/Publishing |
Size: | 16058246 |
License: | AGPLv3+ and Redistributable, no modification permitted |
RPM: |
ghostscript-9.07-31.el7_6.10.i686.rpm
|
Source RPM: |
ghostscript-9.07-31.el7_6.10.src.rpm
|
Build Date: | Thu Mar 21 2019 |
Build Host: | x86-ol7-builder-03.us.oracle.com |
Vendor: | Oracle America |
URL: | http://www.ghostscript.com/ |
Summary: | A PostScript interpreter and renderer |
Description: | Ghostscript is a set of software that provides a PostScript
interpreter, a set of C procedures (the Ghostscript library, which
implements the graphics capabilities in the PostScript language) and
an interpreter for Portable Document Format (PDF) files. Ghostscript
translates PostScript code into many common, bitmapped formats, like
those understood by your printer or screen. Ghostscript is normally
used to display PostScript files and to print PostScript files to
non-PostScript printers.
If you need to display PostScript files or print them to
non-PostScript printers, you should install ghostscript. If you
install ghostscript, you also need to install the ghostscript-fonts
package. |
-
Tue Jan 29 2019 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.10
- Resolves: #1673915 - ghostscript: Regression: double comment chars
'%' in gs_init.ps leading to missing metadata
- Resolves: #1678171 - CVE-2019-3835 ghostscript: superexec operator
is available (700585)
- Resolves: #1680025 - CVE-2019-3838 ghostscript: forceput in DefineResource
is still accessible (700576)
-
Thu Jan 24 2019 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.9
- Related: #1667442 - CVE-2019-6116 - added missing parts of patch
-
Fri Jan 18 2019 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.8
- Resolves: #1667442 - CVE-2019-6116 ghostscript: subroutines within
pseudo-operators must themselves be pseudo-operators
-
Thu Dec 20 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.7
- Resolves: #1665919 pdf2ps reports an error when reading from stdin
- Resolves: #1657333 - CVE-2018-16540 ghostscript: use-after-free in
copydevice handling (699661)
- Resolves: #1660569 - CVE-2018-19475 ghostscript: access bypass in
psi/zdevice2.c (700153)
- Resolves: #1660828 - CVE-2018-19476 ghostscript: access bypass in
psi/zicc.c
- Resolves: #1661278 - CVE-2018-19477 ghostscript: access bypass in
psi/zfjbig2.c (700168)
-
Mon Dec 10 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.6
- Resolves: #1657822 - ghostscript: Regression: Warning: Dropping incorrect
smooth shading object (Error: /rangecheck in --run--)
-
Wed Dec 05 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.5
- Resolves: #1654621 - CVE-2018-16541 ghostscript: incorrect free logic in
pagedevice replacement (699664)
- Resolves: #1650210 - CVE-2018-17183 ghostscript: User-writable error
exception table
- Resolves: #1645516 - CVE-2018-18073 ghostscript: saved execution stacks
can leak operator arrays
- Resolves: #1648891 - CVE-2018-17961 ghostscript: saved execution stacks
can leak operator arrays (incomplete fix for CVE-2018-17183)
- Resolves: #1643115 - CVE-2018-18284 ghostscript: 1Policy operator
allows a sandbox protection bypass
- Resolves: #1655937 - CVE-2018-19134 ghostscript: Type confusion in
setpattern (700141)
-
Thu Nov 29 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.4
- Resolves: #1651149 - CVE-2018-15911 ghostscript: uninitialized memory
access in the aesdecode operator (699665)
- Resolves: #1650060 - CVE-2018-16802 ghostscript: Incorrect "restoration of
privilege" checking when running out of stack during exception handling
- Resolves: #1652935 - CVE-2018-19409 ghostscript: Improperly implemented
security check in zsetdevice function in psi/zdevice.c
-
Wed Nov 28 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.3
- Resolves: #1654290 ghostscript update breaks xdvi (gs: Error: /undefined in flushpage)
-
Mon Nov 26 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.2
- Resolves: #1652901 - CVE-2018-16863 ghostscript: incomplete fix for
CVE-2018-16509
-
Wed Nov 14 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.1
- Remove as many non-standard operators as possible to make the codebase
closer to upstream for later CVEs
- Resolves: #1621383 - CVE-2018-16511 ghostscript: missing type check in type
checker (699659)
- Resolves: #1649721 - CVE-2018-16539 ghostscript: incorrect access checking
in temp file handling to disclose contents of files (699658)
- Resolves: #1621159 - CVE-2018-15908 ghostscript: .tempfile file permission
issues (699657)
- Resolves: #1621381 - CVE-2018-15909 ghostscript: shading_param incomplete
type checking (699660)