검색

이 콘텐츠는 선택한 언어로 제공되지 않습니다.

5.83. ghostscript

download PDF
Updated ghostscript packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) associated with each description below.
Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files.

Security Fix

CVE-2012-4405
An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially-crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript.
Red Hat would like to thank Marc Schönefeld for reporting this issue.
Users of Ghostscript are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.
Updated ghostscript packages that fix three bugs are now available for Red Hat Enterprise Linux 6.
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common, bitmap formats so that the code can be displayed or printed.

Bug Fixes

BZ#643105
Prior to this update, the gdevcups driver, which produces CUPS Raster output, handled memory allocations incorrectly. This could cause the ghostscript program to terminate unexpectedly in some situations. This update applies backported fixes for handling the memory allocations to this version of ghostscript and the crash no longer occurs.
BZ#695766
Prior to this update, certain input files containing CID Type2 fonts were rendered with incorrect character spacing. This update modifies the code so that all input files with CID Type2 fonts are rendered correctly.
BZ#697488
Prior to this update, the page orientation was incorrect when pages in the landscape orientation were converted to the PXL raster format. This update matches landscape-page sizes as well as portrait-page sizes, and sets the orientation parameter correctly when a match is found.
All users of ghostscript are advised to upgrade to these updated packages, which fix these bugs.
Red Hat logoGithubRedditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

© 2024 Red Hat, Inc.