Red Hat Product Errata RHSA-2024:4544 - Security Advisory
Issued:
2024-07-15
Updated:
2024-07-15

RHSA-2024:4544 - Security Advisory

Synopsis

Important: ghostscript security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for ghostscript is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.

Security Fix(es):

  • ghostscript: OPVP device arbitrary code execution via custom Driver library (CVE-2024-33871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64

Fixes

  • BZ - 2283508 - CVE-2024-33871 ghostscript: OPVP device arbitrary code execution via custom Driver library

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4

SRPM
ghostscript-9.27-2.el8_4.1.src.rpm SHA-256: 1f168f6f7e00bc012a8cdca92cb19b0cab621d7bee0d8f8e2a0a04bed80cd5a0
x86_64
ghostscript-9.27-2.el8_4.1.x86_64.rpm SHA-256: 97f759b44fe161f80acd73056f621dbd21bf8e8c727fc83a68ebcf5d072fbe81
ghostscript-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: 8c4f3e699cc2225c69423b570a1be8d8e6b3f0e59bd7fa8830ff54e96a981c70
ghostscript-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: 97ab5a8c483c620468044426435b87c659ba3c0cc6e1a691a15de615650eb888
ghostscript-debugsource-9.27-2.el8_4.1.i686.rpm SHA-256: 4bfba3fcd77bcc38fb1e1f1294a28af0525ed03f2f322568b59e361af8b8b220
ghostscript-debugsource-9.27-2.el8_4.1.x86_64.rpm SHA-256: fd9e254babef408a6a3866a4cd4bf3f0c22628252b2cfc2dd82b575e2b0d868f
ghostscript-gtk-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: cede865fadcdd057ee497093d06a5314ccdf62bfe38b3bf3de4ca4b2257d177f
ghostscript-gtk-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: 36e16db22083375a8701b4cac88734541f9ca10a9754dcbd8dcdf5c4898d3589
ghostscript-x11-9.27-2.el8_4.1.x86_64.rpm SHA-256: e15e781b7ca2c2cba2ca6855a3d97d39237d15dafde0056139d7d8b2d516b992
ghostscript-x11-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: 39c3432ce9f85901f6c70d162315c92cdad2f806dfe92713492cb5356db1d15b
ghostscript-x11-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: f2bb8899d0094ac1f827f39a465fe5feba9fd153ebe4ea05d3c1a60f72cbbb74
libgs-9.27-2.el8_4.1.i686.rpm SHA-256: be5dce35ec8c973bd5d872ee5d4a754b68e6a6026cc72c7c50006a14dbe8db79
libgs-9.27-2.el8_4.1.x86_64.rpm SHA-256: fbebf48b4f4bc945adf429db4a492eb35520799351f60320b07d236d06a36953
libgs-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: bf8d66b4c6bd73d59bf2edafeb41ac4c810e9af1d01642b6b9aeadbe25ea1bb5
libgs-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: dc3f930391125b89502f3f2998fad3b682db0c785a76aa1babdaf7fdfdeb5cd9

Red Hat Enterprise Linux Server - AUS 8.4

SRPM
ghostscript-9.27-2.el8_4.1.src.rpm SHA-256: 1f168f6f7e00bc012a8cdca92cb19b0cab621d7bee0d8f8e2a0a04bed80cd5a0
x86_64
ghostscript-9.27-2.el8_4.1.x86_64.rpm SHA-256: 97f759b44fe161f80acd73056f621dbd21bf8e8c727fc83a68ebcf5d072fbe81
ghostscript-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: 8c4f3e699cc2225c69423b570a1be8d8e6b3f0e59bd7fa8830ff54e96a981c70
ghostscript-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: 97ab5a8c483c620468044426435b87c659ba3c0cc6e1a691a15de615650eb888
ghostscript-debugsource-9.27-2.el8_4.1.i686.rpm SHA-256: 4bfba3fcd77bcc38fb1e1f1294a28af0525ed03f2f322568b59e361af8b8b220
ghostscript-debugsource-9.27-2.el8_4.1.x86_64.rpm SHA-256: fd9e254babef408a6a3866a4cd4bf3f0c22628252b2cfc2dd82b575e2b0d868f
ghostscript-gtk-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: cede865fadcdd057ee497093d06a5314ccdf62bfe38b3bf3de4ca4b2257d177f
ghostscript-gtk-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: 36e16db22083375a8701b4cac88734541f9ca10a9754dcbd8dcdf5c4898d3589
ghostscript-x11-9.27-2.el8_4.1.x86_64.rpm SHA-256: e15e781b7ca2c2cba2ca6855a3d97d39237d15dafde0056139d7d8b2d516b992
ghostscript-x11-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: 39c3432ce9f85901f6c70d162315c92cdad2f806dfe92713492cb5356db1d15b
ghostscript-x11-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: f2bb8899d0094ac1f827f39a465fe5feba9fd153ebe4ea05d3c1a60f72cbbb74
libgs-9.27-2.el8_4.1.i686.rpm SHA-256: be5dce35ec8c973bd5d872ee5d4a754b68e6a6026cc72c7c50006a14dbe8db79
libgs-9.27-2.el8_4.1.x86_64.rpm SHA-256: fbebf48b4f4bc945adf429db4a492eb35520799351f60320b07d236d06a36953
libgs-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: bf8d66b4c6bd73d59bf2edafeb41ac4c810e9af1d01642b6b9aeadbe25ea1bb5
libgs-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: dc3f930391125b89502f3f2998fad3b682db0c785a76aa1babdaf7fdfdeb5cd9

Red Hat Enterprise Linux Server - TUS 8.4

SRPM
ghostscript-9.27-2.el8_4.1.src.rpm SHA-256: 1f168f6f7e00bc012a8cdca92cb19b0cab621d7bee0d8f8e2a0a04bed80cd5a0
x86_64
ghostscript-9.27-2.el8_4.1.x86_64.rpm SHA-256: 97f759b44fe161f80acd73056f621dbd21bf8e8c727fc83a68ebcf5d072fbe81
ghostscript-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: 8c4f3e699cc2225c69423b570a1be8d8e6b3f0e59bd7fa8830ff54e96a981c70
ghostscript-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: 97ab5a8c483c620468044426435b87c659ba3c0cc6e1a691a15de615650eb888
ghostscript-debugsource-9.27-2.el8_4.1.i686.rpm SHA-256: 4bfba3fcd77bcc38fb1e1f1294a28af0525ed03f2f322568b59e361af8b8b220
ghostscript-debugsource-9.27-2.el8_4.1.x86_64.rpm SHA-256: fd9e254babef408a6a3866a4cd4bf3f0c22628252b2cfc2dd82b575e2b0d868f
ghostscript-gtk-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: cede865fadcdd057ee497093d06a5314ccdf62bfe38b3bf3de4ca4b2257d177f
ghostscript-gtk-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: 36e16db22083375a8701b4cac88734541f9ca10a9754dcbd8dcdf5c4898d3589
ghostscript-x11-9.27-2.el8_4.1.x86_64.rpm SHA-256: e15e781b7ca2c2cba2ca6855a3d97d39237d15dafde0056139d7d8b2d516b992
ghostscript-x11-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: 39c3432ce9f85901f6c70d162315c92cdad2f806dfe92713492cb5356db1d15b
ghostscript-x11-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: f2bb8899d0094ac1f827f39a465fe5feba9fd153ebe4ea05d3c1a60f72cbbb74
libgs-9.27-2.el8_4.1.i686.rpm SHA-256: be5dce35ec8c973bd5d872ee5d4a754b68e6a6026cc72c7c50006a14dbe8db79
libgs-9.27-2.el8_4.1.x86_64.rpm SHA-256: fbebf48b4f4bc945adf429db4a492eb35520799351f60320b07d236d06a36953
libgs-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: bf8d66b4c6bd73d59bf2edafeb41ac4c810e9af1d01642b6b9aeadbe25ea1bb5
libgs-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: dc3f930391125b89502f3f2998fad3b682db0c785a76aa1babdaf7fdfdeb5cd9

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4

SRPM
ghostscript-9.27-2.el8_4.1.src.rpm SHA-256: 1f168f6f7e00bc012a8cdca92cb19b0cab621d7bee0d8f8e2a0a04bed80cd5a0
ppc64le
ghostscript-9.27-2.el8_4.1.ppc64le.rpm SHA-256: f221a6c38ddbc6cdae78e8b6370ea6416e95683437954075e2d42de14deede23
ghostscript-debuginfo-9.27-2.el8_4.1.ppc64le.rpm SHA-256: 94fbbbe4ad63cfa69e748c2b554722bdded14b95a5c1bc4d2680ed2109a703ce
ghostscript-debugsource-9.27-2.el8_4.1.ppc64le.rpm SHA-256: c2f19a41a4c50ee9586b6ba236f803e348c7fd8988ece754a9ffd1d1f297b133
ghostscript-gtk-debuginfo-9.27-2.el8_4.1.ppc64le.rpm SHA-256: d402274d00676aa26750ed77ddf9331f5c20fda9c000b91ffaa47e03f10d6ee7
ghostscript-x11-9.27-2.el8_4.1.ppc64le.rpm SHA-256: b9f36ddd5ef4ac0c38b77cf57fc1678e421755f71e0d58c41cdead4da81508f6
ghostscript-x11-debuginfo-9.27-2.el8_4.1.ppc64le.rpm SHA-256: 2222bdb7114e409d35d9be19f849c99fa3a88b9717c85771ebe8184f62e87a62
libgs-9.27-2.el8_4.1.ppc64le.rpm SHA-256: 1dfd70107e69d828cccb4632a2b5bf3a998faf827165e791c1bb0d316a16e596
libgs-debuginfo-9.27-2.el8_4.1.ppc64le.rpm SHA-256: 7a664ded4f6be50d5c8ab1e31405132854cc3ea82c6a5e97187e2890da9f682f

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4

SRPM
ghostscript-9.27-2.el8_4.1.src.rpm SHA-256: 1f168f6f7e00bc012a8cdca92cb19b0cab621d7bee0d8f8e2a0a04bed80cd5a0
x86_64
ghostscript-9.27-2.el8_4.1.x86_64.rpm SHA-256: 97f759b44fe161f80acd73056f621dbd21bf8e8c727fc83a68ebcf5d072fbe81
ghostscript-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: 8c4f3e699cc2225c69423b570a1be8d8e6b3f0e59bd7fa8830ff54e96a981c70
ghostscript-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: 97ab5a8c483c620468044426435b87c659ba3c0cc6e1a691a15de615650eb888
ghostscript-debugsource-9.27-2.el8_4.1.i686.rpm SHA-256: 4bfba3fcd77bcc38fb1e1f1294a28af0525ed03f2f322568b59e361af8b8b220
ghostscript-debugsource-9.27-2.el8_4.1.x86_64.rpm SHA-256: fd9e254babef408a6a3866a4cd4bf3f0c22628252b2cfc2dd82b575e2b0d868f
ghostscript-gtk-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: cede865fadcdd057ee497093d06a5314ccdf62bfe38b3bf3de4ca4b2257d177f
ghostscript-gtk-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: 36e16db22083375a8701b4cac88734541f9ca10a9754dcbd8dcdf5c4898d3589
ghostscript-x11-9.27-2.el8_4.1.x86_64.rpm SHA-256: e15e781b7ca2c2cba2ca6855a3d97d39237d15dafde0056139d7d8b2d516b992
ghostscript-x11-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: 39c3432ce9f85901f6c70d162315c92cdad2f806dfe92713492cb5356db1d15b
ghostscript-x11-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: f2bb8899d0094ac1f827f39a465fe5feba9fd153ebe4ea05d3c1a60f72cbbb74
libgs-9.27-2.el8_4.1.i686.rpm SHA-256: be5dce35ec8c973bd5d872ee5d4a754b68e6a6026cc72c7c50006a14dbe8db79
libgs-9.27-2.el8_4.1.x86_64.rpm SHA-256: fbebf48b4f4bc945adf429db4a492eb35520799351f60320b07d236d06a36953
libgs-debuginfo-9.27-2.el8_4.1.i686.rpm SHA-256: bf8d66b4c6bd73d59bf2edafeb41ac4c810e9af1d01642b6b9aeadbe25ea1bb5
libgs-debuginfo-9.27-2.el8_4.1.x86_64.rpm SHA-256: dc3f930391125b89502f3f2998fad3b682db0c785a76aa1babdaf7fdfdeb5cd9

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.