SUSE-SU-2019:2478-1 -- SLES ghostscript, 9.27
This update for ghostscript to 9.27 fixes the following issues: Security issues fixed: - CVE-2019-3835: Fixed an unauthorized file system access caused by an available superexec operator. - CVE-2019-3839: Fixed an unauthorized file system access caused by available privileged operators. - CVE-2019-12973: Fixed a denial-of-service vulnerability in the OpenJPEG function opj_t1_encode_cblks. - CVE-2019-14811: Fixed a safer mode bypass by .forceput exposure in .pdf_hook_DSC_Creator. - CVE-2019-14812: Fixed a safer mode bypass by .forceput exposure in setuserparams. - CVE-2019-14813: Fixed a safer mode bypass by .forceput exposure in setsystemparams. - CVE-2019-14817: Fixed a safer mode bypass by .forceput exposure in .pdfexectoken and other procedures
|
 |
30479 |
 |
423868 |
 |
250108 |
 |
909 |
 |
196064 |
 |
282 |
