You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa ghostscript

Sigurnosni nedostatak programskog paketa ghostscript

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2019-7b9bb0e426
2019-03-20 21:17:00.935183
——————————————————————————–

Name : ghostscript
Product : Fedora 28
Version : 9.26
Release : 3.fc28
URL : https://ghostscript.com/
Summary : Interpreter for PostScript language & PDF
Description :
This package provides useful conversion utilities based on Ghostscript software,
for converting PS, PDF and other document formats between each other.

Ghostscript is a suite of software providing an interpreter for Adobe Systems’
PostScript (PS) and Portable Document Format (PDF) page description languages.
Its primary purpose includes displaying (rasterization & rendering) and printing
of document pages, as well as conversions between different document formats.

——————————————————————————–
Update Information:

– Security fix for CVE-2019-6116 – Fix for bug #1687144 added
——————————————————————————–
ChangeLog:

* Mon Mar 11 2019 Martin Osvald <mosvald@redhat.com> – 9.26-3
– Fix for bug #1687144 added
* Fri Mar 8 2019 Martin Osvald <mosvald@redhat.com> – 9.26-2
– Fix for CVE-2019-6116 added (bug #1668888)
* Thu Feb 7 2019 Martin Osvald <mosvald@redhat.com> – 9.26-1
– rebase to latest upstream version 9.26
– spec change to remove gsdoc.el due to upstream 8bc783cb586
* Mon Sep 17 2018 David Kaspar [Dee’Kej] <dkaspar@redhat.com> – 9.25-1
– rebase to latest upstream version to fix additional issues found in 9.24
* Fri Sep 14 2018 David Kaspar [Dee’Kej] <dkaspar@redhat.com> – 9.24-3
– ghostscript-9.24-002-icc-PermitReading.patch removed
– ghostscript-9.24-002-fix-for-Canon-and-Kyocera-printers.patch added (bug #1626818)
– ghostscript-9.24-003-CVE-2018-16802.patch added (bug #1627960)
* Fri Sep 7 2018 Tom Callaway <spot@fedoraproject.org> – 9.24-2
– add upstream fix for reading in ICC profiles
* Wed Sep 5 2018 David Kaspar [Dee’Kej] <dkaspar@redhat.com> – 9.24-1
– rebase to latest upstream version, which contains important CVE fixes
– additional ZER0-DAY fixes added
* Wed Aug 29 2018 David Kaspar [Dee’Kej] <dkaspar@redhat.com> – 9.23-7
– ghostscript-9.23-002-fixes-for-set-of-CVEs-reported-by-Google.patch added
* Mon Jul 30 2018 David Kaspar [Dee’Kej] <dkaspar@redhat.com> – 9.23-6
– ghostscript-9.23-001-create-GC-descriptors-for-JPEG-passthrough.patch added (bug #1589467)
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> – 9.23-5
– Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue May 15 2018 David Kaspar [Dee’Kej] <dkaspar@redhat.com> – 9.23-4
– One more rebuild for libidn ABI fix (BZ#’s 1573961 and 1566414)
* Mon May 14 2018 David Kaspar [Dee’Kej] <dkaspar@redhat.com> – 9.23-3
– %conflicts_vers bumped to fix F27->F28 upgrade
* Thu May 10 2018 Stephen Gallagher <sgallagh@redhat.com> – 9.23-2.1
– Rebuilding for libidn ABI fix (BZ#’s 1573961 and 1566414)
* Mon Apr 23 2018 David Kaspar [Dee’Kej] <dkaspar@redhat.com> – 9.23-2
– Fix for CVE-2018-10194 added (bug #1569821)
——————————————————————————–
References:

[ 1 ] Bug #1668888 – CVE-2019-6116 ghostscript: subroutines within pseudo-operators must themselves be pseudo-operators (700317) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1668888
[ 2 ] Bug #1687144 – transparent png not supported in scribus
https://bugzilla.redhat.com/show_bug.cgi?id=1687144
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2019-7b9bb0e426’ at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

AutorFilip Karamatic
Cert idNCERT-REF-2019-03-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Ranjivost Cisco IP telefona

Otkrivena je ranjivost kod web upravljačkog sučelja Session Initiation Protocol (SIP) softvera za Cisco IP telefone serije 8800 uzrokovana neograničavanjem...

Close