Red Hat Product Errata RHSA-2009:0420 - Security Advisory
Issued:
2009-04-14
Updated:
2009-04-14

RHSA-2009:0420 - Security Advisory

Synopsis

Moderate: ghostscript security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated ghostscript packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 3 and 4.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

Ghostscript is a set of software that provides a PostScript interpreter, a
set of C procedures (the Ghostscript library, which implements the graphics
capabilities in the PostScript language) and an interpreter for Portable
Document Format (PDF) files.

It was discovered that the Red Hat Security Advisory RHSA-2009:0345 did not
address all possible integer overflow flaws in Ghostscript's International
Color Consortium Format library (icclib). Using specially-crafted ICC
profiles, an attacker could create a malicious PostScript or PDF file with
embedded images that could cause Ghostscript to crash or, potentially,
execute arbitrary code when opened. (CVE-2009-0792)

A missing boundary check was found in Ghostscript's CCITTFax decoding
filter. An attacker could create a specially-crafted PostScript or PDF file
that could cause Ghostscript to crash or, potentially, execute arbitrary
code when opened. (CVE-2007-6725)

Users of ghostscript are advised to upgrade to these updated packages,
which contain backported patches to correct these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Server 3 x86_64
  • Red Hat Enterprise Linux Server 3 ia64
  • Red Hat Enterprise Linux Server 3 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.7 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.7 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.7 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Workstation 3 x86_64
  • Red Hat Enterprise Linux Workstation 3 ia64
  • Red Hat Enterprise Linux Workstation 3 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux Desktop 3 x86_64
  • Red Hat Enterprise Linux Desktop 3 i386
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for IBM z Systems 3 s390x
  • Red Hat Enterprise Linux for IBM z Systems 3 s390
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.7 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.7 s390
  • Red Hat Enterprise Linux for Power, big endian 4 ppc
  • Red Hat Enterprise Linux for Power, big endian 3 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.7 ppc

Fixes

  • BZ - 491853 - CVE-2009-0792 ghostscript, argyllcms: Incomplete fix for CVE-2009-0583
  • BZ - 493442 - CVE-2007-6725 ghostscript: DoS (crash) in CCITTFax decoding filter

Red Hat Enterprise Linux Server 4

SRPM
ghostscript-7.07-33.2.el4_7.8.src.rpm SHA-256: 10b656ec4c43bf77cba84501f0f3e577f225f023f41dfc0f294bea3522e47e27
x86_64
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: c82a162c0b100f2a4264ff0d9112ab28277ce101ffbad30718c920748b75c1fb
ghostscript-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: c82a162c0b100f2a4264ff0d9112ab28277ce101ffbad30718c920748b75c1fb
ghostscript-devel-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: 56b921e5d1ba49835970b05969af4a9f8a747dc179fcd9b0515bf80ed2446293
ghostscript-devel-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: 56b921e5d1ba49835970b05969af4a9f8a747dc179fcd9b0515bf80ed2446293
ghostscript-gtk-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: 234e1792a70971f51458d7178b7c519741535d324f411b3d1b47b8a1909adea7
ghostscript-gtk-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: 234e1792a70971f51458d7178b7c519741535d324f411b3d1b47b8a1909adea7
ia64
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-7.07-33.2.el4_7.8.ia64.rpm SHA-256: 8e7075bbc84657655f51f1b4af2e078bab271cf631b93dd8c7595c8356151f33
ghostscript-7.07-33.2.el4_7.8.ia64.rpm SHA-256: 8e7075bbc84657655f51f1b4af2e078bab271cf631b93dd8c7595c8356151f33
ghostscript-devel-7.07-33.2.el4_7.8.ia64.rpm SHA-256: 007038ad3601e823fb0c0c3ea06f0e6540a4ea4737042b614d7a3b7c276142fb
ghostscript-devel-7.07-33.2.el4_7.8.ia64.rpm SHA-256: 007038ad3601e823fb0c0c3ea06f0e6540a4ea4737042b614d7a3b7c276142fb
ghostscript-gtk-7.07-33.2.el4_7.8.ia64.rpm SHA-256: 7b21e2d82ddf5420cec7061f41f4769f65e9d0da6e888a0370238dbcc33e7c48
ghostscript-gtk-7.07-33.2.el4_7.8.ia64.rpm SHA-256: 7b21e2d82ddf5420cec7061f41f4769f65e9d0da6e888a0370238dbcc33e7c48
i386
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-devel-7.07-33.2.el4_7.8.i386.rpm SHA-256: cf81d3effd50b4c98072b6c55c7dfd874abbc7b87274fa2e696b9d4c0fc0f325
ghostscript-devel-7.07-33.2.el4_7.8.i386.rpm SHA-256: cf81d3effd50b4c98072b6c55c7dfd874abbc7b87274fa2e696b9d4c0fc0f325
ghostscript-gtk-7.07-33.2.el4_7.8.i386.rpm SHA-256: 6d42ca300973dfe3be6b6cd98cf656f1abc80d012b39874142a7b6b7f27d3467
ghostscript-gtk-7.07-33.2.el4_7.8.i386.rpm SHA-256: 6d42ca300973dfe3be6b6cd98cf656f1abc80d012b39874142a7b6b7f27d3467

Red Hat Enterprise Linux Server 3

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.7

SRPM
ghostscript-7.07-33.2.el4_7.8.src.rpm SHA-256: 10b656ec4c43bf77cba84501f0f3e577f225f023f41dfc0f294bea3522e47e27
x86_64
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: c82a162c0b100f2a4264ff0d9112ab28277ce101ffbad30718c920748b75c1fb
ghostscript-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: c82a162c0b100f2a4264ff0d9112ab28277ce101ffbad30718c920748b75c1fb
ghostscript-devel-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: 56b921e5d1ba49835970b05969af4a9f8a747dc179fcd9b0515bf80ed2446293
ghostscript-devel-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: 56b921e5d1ba49835970b05969af4a9f8a747dc179fcd9b0515bf80ed2446293
ghostscript-gtk-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: 234e1792a70971f51458d7178b7c519741535d324f411b3d1b47b8a1909adea7
ghostscript-gtk-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: 234e1792a70971f51458d7178b7c519741535d324f411b3d1b47b8a1909adea7
ia64
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-7.07-33.2.el4_7.8.ia64.rpm SHA-256: 8e7075bbc84657655f51f1b4af2e078bab271cf631b93dd8c7595c8356151f33
ghostscript-7.07-33.2.el4_7.8.ia64.rpm SHA-256: 8e7075bbc84657655f51f1b4af2e078bab271cf631b93dd8c7595c8356151f33
ghostscript-devel-7.07-33.2.el4_7.8.ia64.rpm SHA-256: 007038ad3601e823fb0c0c3ea06f0e6540a4ea4737042b614d7a3b7c276142fb
ghostscript-devel-7.07-33.2.el4_7.8.ia64.rpm SHA-256: 007038ad3601e823fb0c0c3ea06f0e6540a4ea4737042b614d7a3b7c276142fb
ghostscript-gtk-7.07-33.2.el4_7.8.ia64.rpm SHA-256: 7b21e2d82ddf5420cec7061f41f4769f65e9d0da6e888a0370238dbcc33e7c48
ghostscript-gtk-7.07-33.2.el4_7.8.ia64.rpm SHA-256: 7b21e2d82ddf5420cec7061f41f4769f65e9d0da6e888a0370238dbcc33e7c48
i386
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-devel-7.07-33.2.el4_7.8.i386.rpm SHA-256: cf81d3effd50b4c98072b6c55c7dfd874abbc7b87274fa2e696b9d4c0fc0f325
ghostscript-devel-7.07-33.2.el4_7.8.i386.rpm SHA-256: cf81d3effd50b4c98072b6c55c7dfd874abbc7b87274fa2e696b9d4c0fc0f325
ghostscript-gtk-7.07-33.2.el4_7.8.i386.rpm SHA-256: 6d42ca300973dfe3be6b6cd98cf656f1abc80d012b39874142a7b6b7f27d3467
ghostscript-gtk-7.07-33.2.el4_7.8.i386.rpm SHA-256: 6d42ca300973dfe3be6b6cd98cf656f1abc80d012b39874142a7b6b7f27d3467

Red Hat Enterprise Linux Workstation 4

SRPM
ghostscript-7.07-33.2.el4_7.8.src.rpm SHA-256: 10b656ec4c43bf77cba84501f0f3e577f225f023f41dfc0f294bea3522e47e27
x86_64
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: c82a162c0b100f2a4264ff0d9112ab28277ce101ffbad30718c920748b75c1fb
ghostscript-devel-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: 56b921e5d1ba49835970b05969af4a9f8a747dc179fcd9b0515bf80ed2446293
ghostscript-gtk-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: 234e1792a70971f51458d7178b7c519741535d324f411b3d1b47b8a1909adea7
ia64
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-7.07-33.2.el4_7.8.ia64.rpm SHA-256: 8e7075bbc84657655f51f1b4af2e078bab271cf631b93dd8c7595c8356151f33
ghostscript-devel-7.07-33.2.el4_7.8.ia64.rpm SHA-256: 007038ad3601e823fb0c0c3ea06f0e6540a4ea4737042b614d7a3b7c276142fb
ghostscript-gtk-7.07-33.2.el4_7.8.ia64.rpm SHA-256: 7b21e2d82ddf5420cec7061f41f4769f65e9d0da6e888a0370238dbcc33e7c48
i386
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-devel-7.07-33.2.el4_7.8.i386.rpm SHA-256: cf81d3effd50b4c98072b6c55c7dfd874abbc7b87274fa2e696b9d4c0fc0f325
ghostscript-gtk-7.07-33.2.el4_7.8.i386.rpm SHA-256: 6d42ca300973dfe3be6b6cd98cf656f1abc80d012b39874142a7b6b7f27d3467

Red Hat Enterprise Linux Workstation 3

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux Desktop 4

SRPM
ghostscript-7.07-33.2.el4_7.8.src.rpm SHA-256: 10b656ec4c43bf77cba84501f0f3e577f225f023f41dfc0f294bea3522e47e27
x86_64
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: c82a162c0b100f2a4264ff0d9112ab28277ce101ffbad30718c920748b75c1fb
ghostscript-devel-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: 56b921e5d1ba49835970b05969af4a9f8a747dc179fcd9b0515bf80ed2446293
ghostscript-gtk-7.07-33.2.el4_7.8.x86_64.rpm SHA-256: 234e1792a70971f51458d7178b7c519741535d324f411b3d1b47b8a1909adea7
i386
ghostscript-7.07-33.2.el4_7.8.i386.rpm SHA-256: 7927b6fb2d08f352ccf51fc04c48ebddee29e1f97dc0038a4aa300fa0667e5a5
ghostscript-devel-7.07-33.2.el4_7.8.i386.rpm SHA-256: cf81d3effd50b4c98072b6c55c7dfd874abbc7b87274fa2e696b9d4c0fc0f325
ghostscript-gtk-7.07-33.2.el4_7.8.i386.rpm SHA-256: 6d42ca300973dfe3be6b6cd98cf656f1abc80d012b39874142a7b6b7f27d3467

Red Hat Enterprise Linux Desktop 3

SRPM
x86_64
i386

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
ghostscript-7.07-33.2.el4_7.8.src.rpm SHA-256: 10b656ec4c43bf77cba84501f0f3e577f225f023f41dfc0f294bea3522e47e27
s390x
ghostscript-7.07-33.2.el4_7.8.s390.rpm SHA-256: fe1e2484c9996b3c244ff8c5ada609c731dee0e841fc2e71319b5143c3ef3f06
ghostscript-7.07-33.2.el4_7.8.s390x.rpm SHA-256: fce79fbf8efa3b7c52074c74dff928272c14836515507e16279116be412b7e85
ghostscript-devel-7.07-33.2.el4_7.8.s390x.rpm SHA-256: 29884977c342223ebecb07a7a51f518d95a753c5ed581ba9480d6e22b63221e8
ghostscript-gtk-7.07-33.2.el4_7.8.s390x.rpm SHA-256: fcfb2db56f0b4fbf988070adcb1d28e05498cf5876cc0fcd7626cd9bec0197e4
s390
ghostscript-7.07-33.2.el4_7.8.s390.rpm SHA-256: fe1e2484c9996b3c244ff8c5ada609c731dee0e841fc2e71319b5143c3ef3f06
ghostscript-devel-7.07-33.2.el4_7.8.s390.rpm SHA-256: af7fc459f80c8e74454a7e7e811e991284927aa277f44d4f9936a74f4215ba8f
ghostscript-gtk-7.07-33.2.el4_7.8.s390.rpm SHA-256: 5c6dd5c5781b4925e0a4382f57346a4b25fac2c930e45b164207504b053982f1

Red Hat Enterprise Linux for IBM z Systems 3

SRPM
s390x
s390

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.7

SRPM
ghostscript-7.07-33.2.el4_7.8.src.rpm SHA-256: 10b656ec4c43bf77cba84501f0f3e577f225f023f41dfc0f294bea3522e47e27
s390x
ghostscript-7.07-33.2.el4_7.8.s390.rpm SHA-256: fe1e2484c9996b3c244ff8c5ada609c731dee0e841fc2e71319b5143c3ef3f06
ghostscript-7.07-33.2.el4_7.8.s390x.rpm SHA-256: fce79fbf8efa3b7c52074c74dff928272c14836515507e16279116be412b7e85
ghostscript-devel-7.07-33.2.el4_7.8.s390x.rpm SHA-256: 29884977c342223ebecb07a7a51f518d95a753c5ed581ba9480d6e22b63221e8
ghostscript-gtk-7.07-33.2.el4_7.8.s390x.rpm SHA-256: fcfb2db56f0b4fbf988070adcb1d28e05498cf5876cc0fcd7626cd9bec0197e4
s390
ghostscript-7.07-33.2.el4_7.8.s390.rpm SHA-256: fe1e2484c9996b3c244ff8c5ada609c731dee0e841fc2e71319b5143c3ef3f06
ghostscript-devel-7.07-33.2.el4_7.8.s390.rpm SHA-256: af7fc459f80c8e74454a7e7e811e991284927aa277f44d4f9936a74f4215ba8f
ghostscript-gtk-7.07-33.2.el4_7.8.s390.rpm SHA-256: 5c6dd5c5781b4925e0a4382f57346a4b25fac2c930e45b164207504b053982f1

Red Hat Enterprise Linux for Power, big endian 4

SRPM
ghostscript-7.07-33.2.el4_7.8.src.rpm SHA-256: 10b656ec4c43bf77cba84501f0f3e577f225f023f41dfc0f294bea3522e47e27
ppc
ghostscript-7.07-33.2.el4_7.8.ppc.rpm SHA-256: 409d19bb1cf07a2c8472416ae75ce009d90afc7266e96cf9082566414fd361ae
ghostscript-7.07-33.2.el4_7.8.ppc64.rpm SHA-256: ff40db511fc6a1a4cbbc19cf38316090b70d2fab82f3730cde5468aa45e7d413
ghostscript-devel-7.07-33.2.el4_7.8.ppc.rpm SHA-256: 4f8163f370eaa4c5d5e114eab91e833d74a2ae614d3e8369c015366558912e1a
ghostscript-gtk-7.07-33.2.el4_7.8.ppc.rpm SHA-256: ad30030a6c5cfe4b23d271863fc3aa885a59a93f96cb07a95a478a82ca117684

Red Hat Enterprise Linux for Power, big endian 3

SRPM
ppc

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.7

SRPM
ghostscript-7.07-33.2.el4_7.8.src.rpm SHA-256: 10b656ec4c43bf77cba84501f0f3e577f225f023f41dfc0f294bea3522e47e27
ppc
ghostscript-7.07-33.2.el4_7.8.ppc.rpm SHA-256: 409d19bb1cf07a2c8472416ae75ce009d90afc7266e96cf9082566414fd361ae
ghostscript-7.07-33.2.el4_7.8.ppc64.rpm SHA-256: ff40db511fc6a1a4cbbc19cf38316090b70d2fab82f3730cde5468aa45e7d413
ghostscript-devel-7.07-33.2.el4_7.8.ppc.rpm SHA-256: 4f8163f370eaa4c5d5e114eab91e833d74a2ae614d3e8369c015366558912e1a
ghostscript-gtk-7.07-33.2.el4_7.8.ppc.rpm SHA-256: ad30030a6c5cfe4b23d271863fc3aa885a59a93f96cb07a95a478a82ca117684

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.