[ol7_optional_latest] ghostscript-gtk-9.07-31.el7_6.11.aarch64

Name:	ghostscript-gtk
Version:	9.07
Release:	31.el7_6.11
Architecture:	aarch64
Group:	Applications/Publishing
Size:	69640
License:	AGPLv3+ and Redistributable, no modification permitted
RPM:	ghostscript-gtk-9.07-31.el7_6.11.aarch64.rpm
Source RPM:	ghostscript-9.07-31.el7_6.11.src.rpm
Build Date:	Tue May 07 2019
Build Host:	ca-buildarm03.us.oracle.com
Vendor:	Oracle America
URL:	http://www.ghostscript.com/
Summary:	A GTK-enabled PostScript interpreter and renderer
Description:	A GTK-enabled version of Ghostscript, called 'gsx'.

Changelog (Show File list) (Show related packages)

Thu Mar 21 2019 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.11

- Resolves: #1673398 - CVE-2019-3839 ghostscript: missing attack vector
  protections for CVE-2019-6116
- fix for pdf2dsc regression added

Tue Jan 29 2019 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.10

- Resolves: #1673915 - ghostscript: Regression: double comment chars
  '%' in gs_init.ps leading to missing metadata
- Resolves: #1678171 - CVE-2019-3835 ghostscript: superexec operator
  is available (700585)
- Resolves: #1680025 - CVE-2019-3838 ghostscript: forceput in DefineResource
  is still accessible (700576)

Thu Jan 24 2019 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.9
```
- Related: #1667442 - CVE-2019-6116 - added missing parts of patch
```

Fri Jan 18 2019 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.8

- Resolves: #1667442 - CVE-2019-6116 ghostscript: subroutines within
  pseudo-operators must themselves be pseudo-operators

Thu Dec 20 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.7

- Resolves: #1665919 pdf2ps reports an error when reading from stdin
- Resolves: #1657333 - CVE-2018-16540 ghostscript: use-after-free in
  copydevice handling (699661)
- Resolves: #1660569 - CVE-2018-19475 ghostscript: access bypass in
  psi/zdevice2.c (700153)
- Resolves: #1660828 - CVE-2018-19476 ghostscript: access bypass in
  psi/zicc.c
- Resolves: #1661278 - CVE-2018-19477 ghostscript: access bypass in
  psi/zfjbig2.c (700168)

Mon Dec 10 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.6

- Resolves: #1657822 - ghostscript: Regression: Warning: Dropping incorrect
  smooth shading object (Error: /rangecheck in --run--)

Wed Dec 05 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.5

- Resolves: #1654621 - CVE-2018-16541 ghostscript: incorrect free logic in
  pagedevice replacement (699664)
- Resolves: #1650210 - CVE-2018-17183 ghostscript: User-writable error
  exception table
- Resolves: #1645516 - CVE-2018-18073 ghostscript: saved execution stacks
  can leak operator arrays
- Resolves: #1648891 - CVE-2018-17961 ghostscript: saved execution stacks
  can leak operator arrays (incomplete fix for CVE-2018-17183)
- Resolves: #1643115 - CVE-2018-18284 ghostscript: 1Policy operator
  allows a sandbox protection bypass
- Resolves: #1655937 - CVE-2018-19134 ghostscript: Type confusion in
  setpattern (700141)

Thu Nov 29 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.4

- Resolves: #1651149 - CVE-2018-15911 ghostscript: uninitialized memory
  access in the aesdecode operator (699665)
- Resolves: #1650060 - CVE-2018-16802 ghostscript: Incorrect "restoration of
  privilege" checking when running out of stack during exception handling
- Resolves: #1652935 - CVE-2018-19409 ghostscript: Improperly implemented
  security check in zsetdevice function in psi/zdevice.c

Wed Nov 28 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.3

- Resolves: #1654290 ghostscript update breaks xdvi (gs: Error: /undefined in flushpage)

Mon Nov 26 2018 Martin Osvald <mosvald@redhat.com> - 9.07-31.el7_6.2

- Resolves: #1652901 - CVE-2018-16863 ghostscript: incomplete fix for
  CVE-2018-16509