FEDORA-2019-077a3f23c0

security update in Fedora 29 for ghostscript

Status: stable 8 months ago
  • rebase to latest upstream version 9.26
  • Security fix for CVE-2018-19478 CVE-2018-19134 CVE-2018-19477 CVE-2018-19476 CVE-2018-19475 CVE-2018-19409 CVE-2018-18284 CVE-2018-18073 CVE-2018-17961

How to install

sudo dnf upgrade --advisory=FEDORA-2019-077a3f23c0

Comments 11

This update has been submitted for testing by mosvald.

mosvald edited this update.

This update has been pushed to testing.

Works great! LGTM! =)

karma: +1

Works fine for me.

karma: +1

Works fine for me.

karma: +1

Works fine for me.

karma: +1

This update has been submitted for batched by bodhi.

This update has been submitted for stable by mosvald.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
high
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 8 months ago
in testing 8 months ago
in stable 8 months ago
modified 8 months ago

Related Bugs 11

00 #1642579 CVE-2018-17961 ghostscript: saved execution stacks can leak operator arrays (incomplete fix for CVE-2018-17183) [fedora-all]
00 #1642585 CVE-2018-18073 ghostscript: Saved execution stacks can leak operator arrays [fedora-all]
00 #1642943 CVE-2018-18284 ghostscript: 1Policy operator allows a sandbox protection bypass [fedora-all]
00 #1652584 CVE-2018-19409 ghostscript: Improperly implemented security check in zsetdevice function in psi/zdevice.c [fedora-all]
00 #1654460 CVE-2018-19475 ghostscript: access bypass in psi/zdevice2.c (700153) [fedora-all]
00 #1654465 CVE-2018-19476 ghostscript: access bypass in psi/zicc.c [fedora-all]
00 #1654470 CVE-2018-19477 ghostscript: access bypass in psi/zfjbig2.c (700168) [fedora-all]
00 #1656319 CVE-2018-19478 ghostscript: Attempting to open a carefully crafted PDF file results in long-running computation (699856) [fedora-all]
00 #1656320 CVE-2018-19134 ghostscript: Type confusion in setpattern (700141) [fedora-all]
00 #1658244 [abrt] ghostscript: SkipPage(): gs killed by SIGSEGV
00 #1663896 GS fails to process many EPS files - Error: /nocurrentpoint in --currentpoint--

Automated Test Results