Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2019:2281 - Security Advisory
Issued:
2019-08-06
Updated:
2019-08-06

RHSA-2019:2281 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Low: ghostscript security, bug fix, and enhancement update

Type/Severity

Security Advisory: Low

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for ghostscript is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.

The following packages have been upgraded to a later upstream version: ghostscript (9.25). (BZ#1636115)

Security Fix(es):

  • ghostscript: status command permitted with -dSAFER in psi/zfile.c allowing attackers to identify the size and existence of files (CVE-2018-11645)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux Workstation 7 x86_64
  • Red Hat Enterprise Linux Desktop 7 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 7 s390x
  • Red Hat Enterprise Linux for Power, big endian 7 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 1585914 - CVE-2018-11645 ghostscript: status command permitted with -dSAFER in psi/zfile.c allowing attackers to identify the size and existence of files
  • BZ - 1653706 - ps2pdf fails after fontconfig upgrade in RHEL 7.6
  • BZ - 1654045 - ghostscript update breaks xdvi (gs: Error: /undefined in flushpage)
  • BZ - 1657694 - ghostscript: Regression: Warning: Dropping incorrect smooth shading object (Error: /rangecheck in --run--)
  • BZ - 1661210 - ghostscript: Regression: pdf2ps reports an error when reading from stdin (Error: /invalidfileaccess in --run--)
  • BZ - 1669611 - ghostscript: Regression: SEGV in names_ref on converting faulty PS to PDF

CVEs

  • CVE-2018-11645

References

  • https://access.redhat.com/security/updates/classification/#low
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
ghostscript-9.25-2.el7.src.rpm SHA-256: 87ce27383f196ee74237ea5f72d59cf36861b2499f071df91b1c69ef186093ea
x86_64
ghostscript-9.25-2.el7.i686.rpm SHA-256: a7ed52f20288c8404c81efb0f75c75cbaf09845a1719df70c37f06760a2fade7
ghostscript-9.25-2.el7.x86_64.rpm SHA-256: 9a32e1fca203c993cd43b2bbfde5a253546bf60ebea39d589ff63e8a28c99f96
ghostscript-cups-9.25-2.el7.x86_64.rpm SHA-256: b11694389ad68df514599be3d3d30e3bd6aaa456e83244ded471d3b58fea42b9
ghostscript-debuginfo-9.25-2.el7.i686.rpm SHA-256: eb757fe082042c174f2e151151605f09494a8c3cfff244410ab9072b18b24705
ghostscript-debuginfo-9.25-2.el7.i686.rpm SHA-256: eb757fe082042c174f2e151151605f09494a8c3cfff244410ab9072b18b24705
ghostscript-debuginfo-9.25-2.el7.x86_64.rpm SHA-256: 08930e6a695a7edc1989d3ec9687c31bfa37372404eab96ec980218622f63518
ghostscript-debuginfo-9.25-2.el7.x86_64.rpm SHA-256: 08930e6a695a7edc1989d3ec9687c31bfa37372404eab96ec980218622f63518
ghostscript-doc-9.25-2.el7.noarch.rpm SHA-256: 756d1801d5aa0e625960f16728c5641ae1f26e62be85c3ce5f96eea9b20d827d
ghostscript-gtk-9.25-2.el7.x86_64.rpm SHA-256: f8fd42d8b086a9e2a694d3f2faed7118d3df7efbdfed1905f28f9ed98f12b9b0
libgs-9.25-2.el7.i686.rpm SHA-256: 0027412360e7fcbd144ce08b4e7b8a648a2fa4feb8d7e55ae5517fcf13958f60
libgs-9.25-2.el7.x86_64.rpm SHA-256: 4e36d93eadd6adbaa7711f8fffa609e133576893273dc80a0bb11343c7caebc7
libgs-devel-9.25-2.el7.i686.rpm SHA-256: 0992372bce6052c98094240822380dc3b222d4972567f2dee2fd5a129cf03c43
libgs-devel-9.25-2.el7.x86_64.rpm SHA-256: 87787d883a49129b28ab125fb78142ffc9971323ec16c297fc3c733e4ceab4c9

Red Hat Enterprise Linux Workstation 7

SRPM
ghostscript-9.25-2.el7.src.rpm SHA-256: 87ce27383f196ee74237ea5f72d59cf36861b2499f071df91b1c69ef186093ea
x86_64
ghostscript-9.25-2.el7.i686.rpm SHA-256: a7ed52f20288c8404c81efb0f75c75cbaf09845a1719df70c37f06760a2fade7
ghostscript-9.25-2.el7.x86_64.rpm SHA-256: 9a32e1fca203c993cd43b2bbfde5a253546bf60ebea39d589ff63e8a28c99f96
ghostscript-cups-9.25-2.el7.x86_64.rpm SHA-256: b11694389ad68df514599be3d3d30e3bd6aaa456e83244ded471d3b58fea42b9
ghostscript-debuginfo-9.25-2.el7.i686.rpm SHA-256: eb757fe082042c174f2e151151605f09494a8c3cfff244410ab9072b18b24705
ghostscript-debuginfo-9.25-2.el7.i686.rpm SHA-256: eb757fe082042c174f2e151151605f09494a8c3cfff244410ab9072b18b24705
ghostscript-debuginfo-9.25-2.el7.x86_64.rpm SHA-256: 08930e6a695a7edc1989d3ec9687c31bfa37372404eab96ec980218622f63518
ghostscript-debuginfo-9.25-2.el7.x86_64.rpm SHA-256: 08930e6a695a7edc1989d3ec9687c31bfa37372404eab96ec980218622f63518
ghostscript-doc-9.25-2.el7.noarch.rpm SHA-256: 756d1801d5aa0e625960f16728c5641ae1f26e62be85c3ce5f96eea9b20d827d
ghostscript-gtk-9.25-2.el7.x86_64.rpm SHA-256: f8fd42d8b086a9e2a694d3f2faed7118d3df7efbdfed1905f28f9ed98f12b9b0
libgs-9.25-2.el7.i686.rpm SHA-256: 0027412360e7fcbd144ce08b4e7b8a648a2fa4feb8d7e55ae5517fcf13958f60
libgs-9.25-2.el7.x86_64.rpm SHA-256: 4e36d93eadd6adbaa7711f8fffa609e133576893273dc80a0bb11343c7caebc7
libgs-devel-9.25-2.el7.i686.rpm SHA-256: 0992372bce6052c98094240822380dc3b222d4972567f2dee2fd5a129cf03c43
libgs-devel-9.25-2.el7.x86_64.rpm SHA-256: 87787d883a49129b28ab125fb78142ffc9971323ec16c297fc3c733e4ceab4c9

Red Hat Enterprise Linux Desktop 7

SRPM
ghostscript-9.25-2.el7.src.rpm SHA-256: 87ce27383f196ee74237ea5f72d59cf36861b2499f071df91b1c69ef186093ea
x86_64
ghostscript-9.25-2.el7.i686.rpm SHA-256: a7ed52f20288c8404c81efb0f75c75cbaf09845a1719df70c37f06760a2fade7
ghostscript-9.25-2.el7.x86_64.rpm SHA-256: 9a32e1fca203c993cd43b2bbfde5a253546bf60ebea39d589ff63e8a28c99f96
ghostscript-cups-9.25-2.el7.x86_64.rpm SHA-256: b11694389ad68df514599be3d3d30e3bd6aaa456e83244ded471d3b58fea42b9
ghostscript-debuginfo-9.25-2.el7.i686.rpm SHA-256: eb757fe082042c174f2e151151605f09494a8c3cfff244410ab9072b18b24705
ghostscript-debuginfo-9.25-2.el7.i686.rpm SHA-256: eb757fe082042c174f2e151151605f09494a8c3cfff244410ab9072b18b24705
ghostscript-debuginfo-9.25-2.el7.x86_64.rpm SHA-256: 08930e6a695a7edc1989d3ec9687c31bfa37372404eab96ec980218622f63518
ghostscript-debuginfo-9.25-2.el7.x86_64.rpm SHA-256: 08930e6a695a7edc1989d3ec9687c31bfa37372404eab96ec980218622f63518
ghostscript-doc-9.25-2.el7.noarch.rpm SHA-256: 756d1801d5aa0e625960f16728c5641ae1f26e62be85c3ce5f96eea9b20d827d
ghostscript-gtk-9.25-2.el7.x86_64.rpm SHA-256: f8fd42d8b086a9e2a694d3f2faed7118d3df7efbdfed1905f28f9ed98f12b9b0
libgs-9.25-2.el7.i686.rpm SHA-256: 0027412360e7fcbd144ce08b4e7b8a648a2fa4feb8d7e55ae5517fcf13958f60
libgs-9.25-2.el7.x86_64.rpm SHA-256: 4e36d93eadd6adbaa7711f8fffa609e133576893273dc80a0bb11343c7caebc7
libgs-devel-9.25-2.el7.i686.rpm SHA-256: 0992372bce6052c98094240822380dc3b222d4972567f2dee2fd5a129cf03c43
libgs-devel-9.25-2.el7.x86_64.rpm SHA-256: 87787d883a49129b28ab125fb78142ffc9971323ec16c297fc3c733e4ceab4c9

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
ghostscript-9.25-2.el7.src.rpm SHA-256: 87ce27383f196ee74237ea5f72d59cf36861b2499f071df91b1c69ef186093ea
s390x
ghostscript-9.25-2.el7.s390.rpm SHA-256: 9acf289c6ca6dd376abbeb23375c4122da47cac5aa58c86e7c0363c093c0d9bd
ghostscript-9.25-2.el7.s390x.rpm SHA-256: f8bd39e168ad45dbb0d36e2d5c35b525e3589e8ab7bbc71d14e4b0cf14de6ccd
ghostscript-cups-9.25-2.el7.s390x.rpm SHA-256: 36add8657b01e53c9b0b5d08649202ee663ebd629d2bf26dab5e0241e01e6a4f
ghostscript-debuginfo-9.25-2.el7.s390.rpm SHA-256: 497279e432da60fd8abe9a8b351dc201993dbfd447b17cb9f0a1ba33d62f4fa9
ghostscript-debuginfo-9.25-2.el7.s390.rpm SHA-256: 497279e432da60fd8abe9a8b351dc201993dbfd447b17cb9f0a1ba33d62f4fa9
ghostscript-debuginfo-9.25-2.el7.s390x.rpm SHA-256: b34685998cca2b1d1b5cbb306747deadab596870a382cd9849ea3d01de72218d
ghostscript-debuginfo-9.25-2.el7.s390x.rpm SHA-256: b34685998cca2b1d1b5cbb306747deadab596870a382cd9849ea3d01de72218d
ghostscript-doc-9.25-2.el7.noarch.rpm SHA-256: 756d1801d5aa0e625960f16728c5641ae1f26e62be85c3ce5f96eea9b20d827d
ghostscript-gtk-9.25-2.el7.s390x.rpm SHA-256: 1349559014b71725a901717c901adb771f16127831f9e631a5bb710c733c1882
libgs-9.25-2.el7.s390.rpm SHA-256: f40e84f97cfe4904039183afd328740d3158abe03ee2053ac2ced64c3e6808f6
libgs-9.25-2.el7.s390x.rpm SHA-256: 414a00f19ba05a384f2a18ec1f7c5ba3ee26872f451561774aa2c1261ba3dff6
libgs-devel-9.25-2.el7.s390.rpm SHA-256: a0d89a89130016cdf6754390fc898e8ef2e4dadc16f89994d11861d6e9b4339c
libgs-devel-9.25-2.el7.s390x.rpm SHA-256: a5a48e39b15d37d49ed6f4798418d806c7ff851b2f75f1945ff0698631bd1566

Red Hat Enterprise Linux for Power, big endian 7

SRPM
ghostscript-9.25-2.el7.src.rpm SHA-256: 87ce27383f196ee74237ea5f72d59cf36861b2499f071df91b1c69ef186093ea
ppc64
ghostscript-9.25-2.el7.ppc.rpm SHA-256: 1c366b811f2036e04bb58508518ae66d92a9274bf8de3f348717082c061f2ede
ghostscript-9.25-2.el7.ppc64.rpm SHA-256: 3595f9544983f2866bbbb9e21bd5c4fbf0ab19b8dee2fbd03a29f5b570c33dd4
ghostscript-cups-9.25-2.el7.ppc64.rpm SHA-256: dff210f267a5cfe9eae5212c7df6413c3ba74044445aa5a795052a3d0336c52e
ghostscript-debuginfo-9.25-2.el7.ppc.rpm SHA-256: d7e0ad9f2ff5c9bdf2427262a81828626ab07d45ca4ebc9943a537c04aeae138
ghostscript-debuginfo-9.25-2.el7.ppc.rpm SHA-256: d7e0ad9f2ff5c9bdf2427262a81828626ab07d45ca4ebc9943a537c04aeae138
ghostscript-debuginfo-9.25-2.el7.ppc64.rpm SHA-256: 00c56c421cb5c0b6739f88aadda1932615651cdb89cf9af144347eecf7800ed0
ghostscript-debuginfo-9.25-2.el7.ppc64.rpm SHA-256: 00c56c421cb5c0b6739f88aadda1932615651cdb89cf9af144347eecf7800ed0
ghostscript-doc-9.25-2.el7.noarch.rpm SHA-256: 756d1801d5aa0e625960f16728c5641ae1f26e62be85c3ce5f96eea9b20d827d
ghostscript-gtk-9.25-2.el7.ppc64.rpm SHA-256: 7eec257a23fd5e6185d21649dea6f58c80c1079d4ff392b2d00dbe892045ac37
libgs-9.25-2.el7.ppc.rpm SHA-256: bb2692c4337025f27ecc96127b78900f42defbf6920e0753830f95cdd6ac8f59
libgs-9.25-2.el7.ppc64.rpm SHA-256: 42f238157ccb4bb01d1f1bff78b921af214c17f5100b392c2466a8284713168a
libgs-devel-9.25-2.el7.ppc.rpm SHA-256: b836b3c4ddaadc3fff84b366f210c110e76e8a487fcace07f64726270a5a7e80
libgs-devel-9.25-2.el7.ppc64.rpm SHA-256: f364ecd7f30e24ba28d088924cd634de6ec8db25a89ce27bd273c40cbb71112d

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
ghostscript-9.25-2.el7.src.rpm SHA-256: 87ce27383f196ee74237ea5f72d59cf36861b2499f071df91b1c69ef186093ea
x86_64
ghostscript-9.25-2.el7.i686.rpm SHA-256: a7ed52f20288c8404c81efb0f75c75cbaf09845a1719df70c37f06760a2fade7
ghostscript-9.25-2.el7.x86_64.rpm SHA-256: 9a32e1fca203c993cd43b2bbfde5a253546bf60ebea39d589ff63e8a28c99f96
ghostscript-cups-9.25-2.el7.x86_64.rpm SHA-256: b11694389ad68df514599be3d3d30e3bd6aaa456e83244ded471d3b58fea42b9
ghostscript-debuginfo-9.25-2.el7.i686.rpm SHA-256: eb757fe082042c174f2e151151605f09494a8c3cfff244410ab9072b18b24705
ghostscript-debuginfo-9.25-2.el7.i686.rpm SHA-256: eb757fe082042c174f2e151151605f09494a8c3cfff244410ab9072b18b24705
ghostscript-debuginfo-9.25-2.el7.x86_64.rpm SHA-256: 08930e6a695a7edc1989d3ec9687c31bfa37372404eab96ec980218622f63518
ghostscript-debuginfo-9.25-2.el7.x86_64.rpm SHA-256: 08930e6a695a7edc1989d3ec9687c31bfa37372404eab96ec980218622f63518
ghostscript-doc-9.25-2.el7.noarch.rpm SHA-256: 756d1801d5aa0e625960f16728c5641ae1f26e62be85c3ce5f96eea9b20d827d
ghostscript-gtk-9.25-2.el7.x86_64.rpm SHA-256: f8fd42d8b086a9e2a694d3f2faed7118d3df7efbdfed1905f28f9ed98f12b9b0
libgs-9.25-2.el7.i686.rpm SHA-256: 0027412360e7fcbd144ce08b4e7b8a648a2fa4feb8d7e55ae5517fcf13958f60
libgs-9.25-2.el7.x86_64.rpm SHA-256: 4e36d93eadd6adbaa7711f8fffa609e133576893273dc80a0bb11343c7caebc7
libgs-devel-9.25-2.el7.i686.rpm SHA-256: 0992372bce6052c98094240822380dc3b222d4972567f2dee2fd5a129cf03c43
libgs-devel-9.25-2.el7.x86_64.rpm SHA-256: 87787d883a49129b28ab125fb78142ffc9971323ec16c297fc3c733e4ceab4c9

Red Hat Enterprise Linux for Power, little endian 7

SRPM
ghostscript-9.25-2.el7.src.rpm SHA-256: 87ce27383f196ee74237ea5f72d59cf36861b2499f071df91b1c69ef186093ea
ppc64le
ghostscript-9.25-2.el7.ppc64le.rpm SHA-256: 3b5515ecf6f821ec728e388bc91d095933e0f4ebbcf87cbc094a5588c91dd13e
ghostscript-cups-9.25-2.el7.ppc64le.rpm SHA-256: 4973b39487983455d2e878d8affa943ea278ae1099416c1c75070e4fe94d5032
ghostscript-debuginfo-9.25-2.el7.ppc64le.rpm SHA-256: 109e93ce0d3ab9d7cf4c04a18c797c7e4749cc96b54039c88bd841b61cce2a7f
ghostscript-debuginfo-9.25-2.el7.ppc64le.rpm SHA-256: 109e93ce0d3ab9d7cf4c04a18c797c7e4749cc96b54039c88bd841b61cce2a7f
ghostscript-doc-9.25-2.el7.noarch.rpm SHA-256: 756d1801d5aa0e625960f16728c5641ae1f26e62be85c3ce5f96eea9b20d827d
ghostscript-gtk-9.25-2.el7.ppc64le.rpm SHA-256: 15ab0507fd1fe2b9708acd025fffd398b518a23bb68307f0495b1a08b10cd98a
libgs-9.25-2.el7.ppc64le.rpm SHA-256: f440472842c292767eee5a7a950f0afced4a38f7ca0d9dbfc9d9e2af81b62c43
libgs-devel-9.25-2.el7.ppc64le.rpm SHA-256: 89e78b76b82fcc489524db0825af88040713cfe2c1074142f4b51038859f1fa5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2023 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter