[ol7_latest] ghostscript-9.07-31.el7_6.10.aarch64

Name:	ghostscript
Version:	9.07
Release:	31.el7_6.10
Architecture:	aarch64
Group:	Applications/Publishing
Size:	17298526
License:	AGPLv3+ and Redistributable, no modification permitted
RPM:	ghostscript-9.07-31.el7_6.10.aarch64.rpm
Source RPM:	ghostscript-9.07-31.el7_6.10.src.rpm
Build Date:	Thu Mar 21 2019
Build Host:	ca-buildarm03.us.oracle.com
Vendor:	Oracle America
URL:	http://www.ghostscript.com/
Summary:	A PostScript interpreter and renderer
Description:	Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. If you need to display PostScript files or print them to non-PostScript printers, you should install ghostscript. If you install ghostscript, you also need to install the ghostscript-fonts package.

Changelog (Show File list) (Show related packages)

Tue Jan 29 2019 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.10

- Resolves: #1673915 - ghostscript: Regression: double comment chars
  '%' in gs_init.ps leading to missing metadata
- Resolves: #1678171 - CVE-2019-3835 ghostscript: superexec operator
  is available (700585)
- Resolves: #1680025 - CVE-2019-3838 ghostscript: forceput in DefineResource
  is still accessible (700576)

Thu Jan 24 2019 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.9
```
- Related: #1667442 - CVE-2019-6116 - added missing parts of patch
```

Fri Jan 18 2019 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.8

- Resolves: #1667442 - CVE-2019-6116 ghostscript: subroutines within
  pseudo-operators must themselves be pseudo-operators

Thu Dec 20 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.7

- Resolves: #1665919 pdf2ps reports an error when reading from stdin
- Resolves: #1657333 - CVE-2018-16540 ghostscript: use-after-free in
  copydevice handling (699661)
- Resolves: #1660569 - CVE-2018-19475 ghostscript: access bypass in
  psi/zdevice2.c (700153)
- Resolves: #1660828 - CVE-2018-19476 ghostscript: access bypass in
  psi/zicc.c
- Resolves: #1661278 - CVE-2018-19477 ghostscript: access bypass in
  psi/zfjbig2.c (700168)

Mon Dec 10 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.6

- Resolves: #1657822 - ghostscript: Regression: Warning: Dropping incorrect
  smooth shading object (Error: /rangecheck in --run--)

Wed Dec 05 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.5

- Resolves: #1654621 - CVE-2018-16541 ghostscript: incorrect free logic in
  pagedevice replacement (699664)
- Resolves: #1650210 - CVE-2018-17183 ghostscript: User-writable error
  exception table
- Resolves: #1645516 - CVE-2018-18073 ghostscript: saved execution stacks
  can leak operator arrays
- Resolves: #1648891 - CVE-2018-17961 ghostscript: saved execution stacks
  can leak operator arrays (incomplete fix for CVE-2018-17183)
- Resolves: #1643115 - CVE-2018-18284 ghostscript: 1Policy operator
  allows a sandbox protection bypass
- Resolves: #1655937 - CVE-2018-19134 ghostscript: Type confusion in
  setpattern (700141)

Thu Nov 29 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.4

- Resolves: #1651149 - CVE-2018-15911 ghostscript: uninitialized memory
  access in the aesdecode operator (699665)
- Resolves: #1650060 - CVE-2018-16802 ghostscript: Incorrect "restoration of
  privilege" checking when running out of stack during exception handling
- Resolves: #1652935 - CVE-2018-19409 ghostscript: Improperly implemented
  security check in zsetdevice function in psi/zdevice.c

Wed Nov 28 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.3

- Resolves: #1654290 ghostscript update breaks xdvi (gs: Error: /undefined in flushpage)

Mon Nov 26 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.2

- Resolves: #1652901 - CVE-2018-16863 ghostscript: incomplete fix for
  CVE-2018-16509

Wed Nov 14 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.1

- Remove as many non-standard operators as possible to make the codebase
  closer to upstream for later CVEs
- Resolves: #1621383 - CVE-2018-16511 ghostscript: missing type check in type
  checker (699659)
- Resolves: #1649721 - CVE-2018-16539 ghostscript: incorrect access checking
  in temp file handling to disclose contents of files (699658) 
- Resolves: #1621159 - CVE-2018-15908 ghostscript: .tempfile file permission
  issues (699657)
- Resolves: #1621381 - CVE-2018-15909 ghostscript: shading_param incomplete
  type checking (699660)