Ghostscript Security Update for Oracle Linux
Posted on: 12/04/2018 09:16 AM

Updated Ghostscript packages has been released for Oracle Linux:

ELSA-2018-3760 Important: Oracle Linux 6 ghostscript security update
ELSA-2018-3761 Important: Oracle Linux 7 ghostscript security and bug fix update

ELSA-2018-3760 Important: Oracle Linux 6 ghostscript security update
Oracle Linux Security Advisory ELSA-2018-3760

http://linux.oracle.com/errata/ELSA-2018-3760.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
ghostscript-8.70-24.el6_10.2.i686.rpm
ghostscript-devel-8.70-24.el6_10.2.i686.rpm
ghostscript-doc-8.70-24.el6_10.2.i686.rpm
ghostscript-gtk-8.70-24.el6_10.2.i686.rpm

x86_64:
ghostscript-8.70-24.el6_10.2.i686.rpm
ghostscript-8.70-24.el6_10.2.x86_64.rpm
ghostscript-devel-8.70-24.el6_10.2.i686.rpm
ghostscript-devel-8.70-24.el6_10.2.x86_64.rpm
ghostscript-doc-8.70-24.el6_10.2.x86_64.rpm
ghostscript-gtk-8.70-24.el6_10.2.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/ghostscript-8.70-24.el6_10.2.src.rpm



Description of changes:

[8.70-24.el6_10.2]
- It was found that the fix for CVE-2018-16509 was not complete, the missing
pieces added into ghostscript-CVE-2018-16509.patch

[8.70-24.el6_10.1]
- Resolves: #1641124 - CVE-2018-16509 ghostscript: /invalidaccess bypass
after failed restore

[8.70-24]
- Added security fix for CVE-2017-8291 (bug #1446063)


ELSA-2018-3761 Important: Oracle Linux 7 ghostscript security and bug fix update
Oracle Linux Security Advisory ELSA-2018-3761

http://linux.oracle.com/errata/ELSA-2018-3761.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
ghostscript-9.07-31.el7_6.3.i686.rpm
ghostscript-9.07-31.el7_6.3.x86_64.rpm
ghostscript-cups-9.07-31.el7_6.3.x86_64.rpm
ghostscript-devel-9.07-31.el7_6.3.i686.rpm
ghostscript-devel-9.07-31.el7_6.3.x86_64.rpm
ghostscript-doc-9.07-31.el7_6.3.noarch.rpm
ghostscript-gtk-9.07-31.el7_6.3.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ghostscript-9.07-31.el7_6.3.src.rpm



Description of changes:

[9.07-31.el7_6.3]
- Resolves: #1654290 ghostscript update breaks xdvi (gs: Error:
/undefined in flushpage)

[9.07-31.el7_6.2]
- Resolves: #1652901 - CVE-2018-16863 ghostscript: incomplete fix for
CVE-2018-16509





Printed from Linux Compatible (https://www.linuxcompatible.org/news/story/ghostscript_security_update_for_oracle_linux.html)