Ghostscript update for Fedora 40

Fedora Linux 8951 Published by

A ghostscript update has been released for Fedora Linux 40:

Fedora 40 Update: ghostscript-10.02.1-14.fc40




[SECURITY] Fedora 40 Update: ghostscript-10.02.1-14.fc40


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-3a7a29de24
2025-04-10 02:44:37.887866+00:00
--------------------------------------------------------------------------------

Name : ghostscript
Product : Fedora 40
Version : 10.02.1
Release : 14.fc40
URL : https://ghostscript.com/
Summary : Interpreter for PostScript language & PDF
Description :
This package provides useful conversion utilities based on Ghostscript software,
for converting PS, PDF and other document formats between each other.

Ghostscript is a suite of software providing an interpreter for Adobe Systems'
PostScript (PS) and Portable Document Format (PDF) page description languages.
Its primary purpose includes displaying (rasterization & rendering) and printing
of document pages, as well as conversions between different document formats.

--------------------------------------------------------------------------------
Update Information:

CVE-2025-27835 ghostscript: Buffer overflow when converting glyphs to unicode
(fedora#2355025)
CVE-2025-27834 ghostscript: Buffer overflow caused by an oversized Type 4
function in a PDF (fedora#2355023)
CVE-2025-27832 ghostscript: NPDL device: Compression buffer overflow
(fedora#2355021)
CVE-2025-27836 ghostscript: device: Print buffer overflow (fedora#2355019)
CVE-2025-27830 ghostscript: Buffer overflow during serialization of DollarBlend
in font (fedora#2355015)
CVE-2025-27833 ghostscript: Buffer overflow with long TTF font name
(fedora#2355011)
CVE-2025-27837 ghostscript: Access to arbitrary files through truncated path
with invalid UTF-8 (fedora#2355009)
CVE-2025-27831 ghostscript: Text buffer overflow with long characters
(fedora#2355007)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Mar 28 2025 Zdenek Dohnal [zdohnal@redhat.com] - 10.02.1-14
- CVE-2025-27835 ghostscript: Buffer overflow when converting glyphs to unicode (fedora#2355025)
- CVE-2025-27834 ghostscript: Buffer overflow caused by an oversized Type 4 function in a PDF (fedora#2355023)
- CVE-2025-27832 ghostscript: NPDL device: Compression buffer overflow (fedora#2355021)
- CVE-2025-27836 ghostscript: device: Print buffer overflow (fedora#2355019)
- CVE-2025-27830 ghostscript: Buffer overflow during serialization of DollarBlend in font (fedora#2355015)
- CVE-2025-27833 ghostscript: Buffer overflow with long TTF font name (fedora#2355011)
- CVE-2025-27837 ghostscript: Access to arbitrary files through truncated path with invalid UTF-8 (fedora#2355009)
- CVE-2025-27831 ghostscript: Text buffer overflow with long characters (fedora#2355007)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2354947 - CVE-2025-27835 Ghostscript: Buffer overflow when converting glyphs to unicode
https://bugzilla.redhat.com/show_bug.cgi?id=2354947
[ 2 ] Bug #2354948 - CVE-2025-27834 Ghostscript: Buffer overflow caused by an oversized Type 4 function in a PDF
https://bugzilla.redhat.com/show_bug.cgi?id=2354948
[ 3 ] Bug #2354949 - CVE-2025-27832 Ghostscript: NPDL device: Compression buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=2354949
[ 4 ] Bug #2354952 - CVE-2025-27836 Ghostscript: device: Print buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=2354952
[ 5 ] Bug #2354953 - CVE-2025-27830 Ghostscript: Buffer overflow during serialization of DollarBlend in font
https://bugzilla.redhat.com/show_bug.cgi?id=2354953
[ 6 ] Bug #2354954 - CVE-2025-27833 Ghostscript: Buffer overflow with long TTF font name
https://bugzilla.redhat.com/show_bug.cgi?id=2354954
[ 7 ] Bug #2354961 - CVE-2025-27837 Ghostscript: Access to arbitrary files through truncated path with invalid UTF-8
https://bugzilla.redhat.com/show_bug.cgi?id=2354961
[ 8 ] Bug #2354963 - CVE-2025-27831 Ghostscript: Text buffer overflow with long characters
https://bugzilla.redhat.com/show_bug.cgi?id=2354963
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-3a7a29de24' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

--


VSCodium 1.99.12392 released

Kubernetes, Webkit2GTK, Red Hat Advanced Cluster Management, Go, Delve, OpenShift updates for RHEL

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.org  I ...