RHSA-2018:3650-01 -- Redhat ghostscriptID: oval:org.secpod.oval:def:502540 | Date: (C)2018-11-27 (M)2023-12-20 |
Class: PATCH | Family: unix |
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * ghostscript: .tempfile file permission issues * ghostscript: shading_param incomplete type checking * ghostscript: missing type check in type checker * ghostscript: incorrect access checking in temp file handling to disclose contents of files For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Red Hat would like to thank Tavis Ormandy for reporting CVE-2018-15908.
Platform: |
Red Hat Enterprise Linux 7 |