Issued:: 2024-07-15
Updated:: 2024-07-15

RHSA-2024:4537 - Security Advisory

Overview
Updated Packages

Synopsis

Important: ghostscript security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for ghostscript is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.

Security Fix(es):

ghostscript: OPVP device arbitrary code execution via custom Driver library (CVE-2024-33871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2283508 - CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via custom Driver library

CVEs

CVE-2024-33871

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
ghostscript-9.25-6.el8_2.1.src.rpm	SHA-256: c2997dbacf69bfb278db50d5dc748bab4fd9b855665af7fa5a8c4e425e456bd8
x86_64
ghostscript-9.25-6.el8_2.1.x86_64.rpm	SHA-256: 797b10c3e6cd47359f2451e0a054ee826b88943456ad5297dd6720f42d7ad9e8
ghostscript-debuginfo-9.25-6.el8_2.1.i686.rpm	SHA-256: 537f8c0fd2f37ea841bbe5667e088eb8e95bbe42fb5d0f42bcead32a4db0cb97
ghostscript-debuginfo-9.25-6.el8_2.1.x86_64.rpm	SHA-256: 1a8f163c179e86d755ce295e862498e53dd4c5022a1e7884b9b6a1c83e2bac27
ghostscript-debugsource-9.25-6.el8_2.1.i686.rpm	SHA-256: 1a38e4453f49a21f0fb2944383fe5ea32145d8d054ed9efb0ce8a1539b8d5ddb
ghostscript-debugsource-9.25-6.el8_2.1.x86_64.rpm	SHA-256: 395be2fb441a3076b63d71521a49842190f761290d6ab3bea9bd4f3213818b50
ghostscript-gtk-debuginfo-9.25-6.el8_2.1.i686.rpm	SHA-256: 828639ff8a9a59ebe050f99da61b5f3ab2b4aa0a11da137f8e6bc7038e69ec16
ghostscript-gtk-debuginfo-9.25-6.el8_2.1.x86_64.rpm	SHA-256: 236c3ceb1d4c338e1ef0c8b2df1dcac315a6a6ae1591403393daba30a1cc0889
ghostscript-x11-debuginfo-9.25-6.el8_2.1.i686.rpm	SHA-256: ba5c87301b4e1a060f11cce7067124633df9d358510f0ed65ae7ff7661fac80e
ghostscript-x11-debuginfo-9.25-6.el8_2.1.x86_64.rpm	SHA-256: 511c2bffe64d6296fa93b0100526c337bb5fea62ea0ac66939951d4e0e1cb4ef
libgs-9.25-6.el8_2.1.i686.rpm	SHA-256: 84980873303800f5a59d8417db6dd88903df053df2817d6d7d5a2e0343c27153
libgs-9.25-6.el8_2.1.x86_64.rpm	SHA-256: 2efeb862e886f2227b1c5c09f6c972bc3fa50627ac02f73e2e6e33cf5b7f0eda
libgs-debuginfo-9.25-6.el8_2.1.i686.rpm	SHA-256: 2ce47fa9e56a5d1ea784cc2319222aff62ab184b9c055de060fb5f61f1e77f12
libgs-debuginfo-9.25-6.el8_2.1.x86_64.rpm	SHA-256: 15d7a974a8dd9f458e59f8baf12283078e6668e1b7250235b24b40a252f3de91

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation