Debian 10219 Published by

A ghostscript security update has been released for Debian GNU/Linux 8 Extended LTS to address a security vulnerability.



ELA-606-1 ghostscript security update

Package ghostscript
Version 9.26a~dfsg-0+deb8u9
Related CVEs CVE-2019-25059

A security vulnerability was found in Ghostscript, the GPL PostScript/PDF interpreter. It was discovered that some privileged Postscript operators remained accessible from various places. For instance a specially crafted PostScript file could use this flaw in order to have access to the file system outside of the constrains imposed by -dSAFER.

For Debian 8 jessie, these problems have been fixed in version 9.26a~dfsg-0+deb8u9.

We recommend that you upgrade your ghostscript packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-606-1 ghostscript security update