Name: | ghostscript |
---|---|
Version: | 9.07 |
Release: | 31.el7_6.11 |
Architecture: | i686 |
Group: | Applications/Publishing |
Size: | 16059309 |
License: | AGPLv3+ and Redistributable, no modification permitted |
RPM: | ghostscript-9.07-31.el7_6.11.i686.rpm |
Source RPM: | ghostscript-9.07-31.el7_6.11.src.rpm |
Build Date: | Tue May 07 2019 |
Build Host: | x86-ol7-builder-03.us.oracle.com |
Vendor: | Oracle America |
URL: | http://www.ghostscript.com/ |
Summary: | A PostScript interpreter and renderer |
Description: | Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. If you need to display PostScript files or print them to non-PostScript printers, you should install ghostscript. If you install ghostscript, you also need to install the ghostscript-fonts package. |
- Resolves: #1673398 - CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 - fix for pdf2dsc regression added
- Resolves: #1673915 - ghostscript: Regression: double comment chars '%' in gs_init.ps leading to missing metadata - Resolves: #1678171 - CVE-2019-3835 ghostscript: superexec operator is available (700585) - Resolves: #1680025 - CVE-2019-3838 ghostscript: forceput in DefineResource is still accessible (700576)
- Related: #1667442 - CVE-2019-6116 - added missing parts of patch
- Resolves: #1667442 - CVE-2019-6116 ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators
- Resolves: #1665919 pdf2ps reports an error when reading from stdin - Resolves: #1657333 - CVE-2018-16540 ghostscript: use-after-free in copydevice handling (699661) - Resolves: #1660569 - CVE-2018-19475 ghostscript: access bypass in psi/zdevice2.c (700153) - Resolves: #1660828 - CVE-2018-19476 ghostscript: access bypass in psi/zicc.c - Resolves: #1661278 - CVE-2018-19477 ghostscript: access bypass in psi/zfjbig2.c (700168)
- Resolves: #1657822 - ghostscript: Regression: Warning: Dropping incorrect smooth shading object (Error: /rangecheck in --run--)
- Resolves: #1654621 - CVE-2018-16541 ghostscript: incorrect free logic in pagedevice replacement (699664) - Resolves: #1650210 - CVE-2018-17183 ghostscript: User-writable error exception table - Resolves: #1645516 - CVE-2018-18073 ghostscript: saved execution stacks can leak operator arrays - Resolves: #1648891 - CVE-2018-17961 ghostscript: saved execution stacks can leak operator arrays (incomplete fix for CVE-2018-17183) - Resolves: #1643115 - CVE-2018-18284 ghostscript: 1Policy operator allows a sandbox protection bypass - Resolves: #1655937 - CVE-2018-19134 ghostscript: Type confusion in setpattern (700141)
- Resolves: #1651149 - CVE-2018-15911 ghostscript: uninitialized memory access in the aesdecode operator (699665) - Resolves: #1650060 - CVE-2018-16802 ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling - Resolves: #1652935 - CVE-2018-19409 ghostscript: Improperly implemented security check in zsetdevice function in psi/zdevice.c
- Resolves: #1654290 ghostscript update breaks xdvi (gs: Error: /undefined in flushpage)
- Resolves: #1652901 - CVE-2018-16863 ghostscript: incomplete fix for CVE-2018-16509