Oracle Linux 6277 Published by

Updated Ghostscript packages has been released for Oracle Linux 7:

ELSA-2018-3650 Important: Oracle Linux 7 ghostscript security update
ELSA-2018-3650 Important: Oracle Linux 7 ghostscript security update (aarch64)



ELSA-2018-3650 Important: Oracle Linux 7 ghostscript security update

Oracle Linux Security Advisory ELSA-2018-3650

http://linux.oracle.com/errata/ELSA-2018-3650.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
ghostscript-9.07-31.el7_6.1.i686.rpm
ghostscript-9.07-31.el7_6.1.x86_64.rpm
ghostscript-cups-9.07-31.el7_6.1.x86_64.rpm
ghostscript-devel-9.07-31.el7_6.1.i686.rpm
ghostscript-devel-9.07-31.el7_6.1.x86_64.rpm
ghostscript-doc-9.07-31.el7_6.1.noarch.rpm
ghostscript-gtk-9.07-31.el7_6.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ghostscript-9.07-31.el7_6.1.src.rpm



Description of changes:

[9.07-31.el7_6.1]
- Remove as many non-standard operators as possible to make the codebase
closer to upstream for later CVEs
- Resolves: #1621383 - CVE-2018-16511 ghostscript: missing type check in
type
checker (699659)
- Resolves: #1621159 - CVE-2018-15908 ghostscript: .tempfile file permission
issues (699657)
- Resolves: #1621381 - CVE-2018-15909 ghostscript: shading_param incomplete
type checking (699660)

ELSA-2018-3650 Important: Oracle Linux 7 ghostscript security update (aarch64)

Oracle Linux Security Advisory ELSA-2018-3650

http://linux.oracle.com/errata/ELSA-2018-3650.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
ghostscript-9.07-31.el7_6.1.aarch64.rpm
ghostscript-cups-9.07-31.el7_6.1.aarch64.rpm
ghostscript-devel-9.07-31.el7_6.1.aarch64.rpm
ghostscript-doc-9.07-31.el7_6.1.noarch.rpm
ghostscript-gtk-9.07-31.el7_6.1.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/ghostscript-9.07-31.el7_6.1.src.rpm



Description of changes:

[9.07-31.el7_6.1]
- Remove as many non-standard operators as possible to make the codebase
closer to upstream for later CVEs
- Resolves: #1621383 - CVE-2018-16511 ghostscript: missing type check in
type
checker (699659)
- Resolves: #1621159 - CVE-2018-15908 ghostscript: .tempfile file permission
issues (699657)
- Resolves: #1621381 - CVE-2018-15909 ghostscript: shading_param incomplete
type checking (699660)