Oval Definition:oval:com.redhat.rhsa:def:20080155
Revision Date:2008-03-20Version:636
Title:RHSA-2008:0155: ghostscript security update (Important)
Description:Ghostscript is a program for displaying PostScript files, or printing them to non-PostScript printers.

  • Chris Evans from the Google Security Team reported a stack-based buffer overflow flaw in Ghostscript's zseticcspace() function. An attacker could create a malicious PostScript file that would cause Ghostscript to execute arbitrary code when opened. (CVE-2008-0411)

    These updated packages also fix a bug, which prevented the pxlmono printer driver from producing valid output on Red Hat Enterprise Linux 4.

    All users of ghostscript are advised to upgrade to these updated packages, which contain a backported patch to resolve these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2008-0411
    RHSA-2008:0155
    RHSA-2008:0155-01
    RHSA-2008:0155-01
    Platform(s):Red Hat Enterprise Linux 3
    Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • ghostscript is earlier than 0:7.05-32.1.13
  • AND ghostscript is signed with Red Hat master key
  • hpijs is earlier than 0:1.3-32.1.13
  • AND hpijs is signed with Red Hat master key
  • ghostscript-devel is earlier than 0:7.05-32.1.13
  • AND ghostscript-devel is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • ghostscript-devel is earlier than 0:7.07-33.2.el4_6.1
  • AND ghostscript-devel is signed with Red Hat master key
  • ghostscript is earlier than 0:7.07-33.2.el4_6.1
  • AND ghostscript is signed with Red Hat master key
  • ghostscript-gtk is earlier than 0:7.07-33.2.el4_6.1
  • AND ghostscript-gtk is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • ghostscript is earlier than 0:8.15.2-9.1.el5_1.1
  • AND ghostscript is signed with Red Hat redhatrelease key
  • ghostscript-gtk is earlier than 0:8.15.2-9.1.el5_1.1
  • AND ghostscript-gtk is signed with Red Hat redhatrelease key
  • ghostscript-devel is earlier than 0:8.15.2-9.1.el5_1.1
  • AND ghostscript-devel is signed with Red Hat redhatrelease key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • ghostscript is earlier than 0:7.07-33.2.el4_6.1
  • AND ghostscript is signed with Red Hat redhatrelease2 key
  • ghostscript-devel is earlier than 0:7.07-33.2.el4_6.1
  • AND ghostscript-devel is signed with Red Hat redhatrelease2 key
  • ghostscript-gtk is earlier than 0:7.07-33.2.el4_6.1
  • AND ghostscript-gtk is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • ghostscript is earlier than 0:8.15.2-9.1.el5_1.1
  • AND ghostscript is signed with Red Hat redhatrelease2 key
  • ghostscript-devel is earlier than 0:8.15.2-9.1.el5_1.1
  • AND ghostscript-devel is signed with Red Hat redhatrelease2 key
  • ghostscript-gtk is earlier than 0:8.15.2-9.1.el5_1.1
  • AND ghostscript-gtk is signed with Red Hat redhatrelease2 key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • ghostscript is earlier than 0:7.05-32.1.13
  • AND ghostscript is signed with Red Hat master key
  • ghostscript-devel is earlier than 0:7.05-32.1.13
  • AND ghostscript-devel is signed with Red Hat master key
  • hpijs is earlier than 0:1.3-32.1.13
  • AND hpijs is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • ghostscript is earlier than 0:7.07-33.2.el4_6.1
  • AND ghostscript is signed with Red Hat master key
  • ghostscript-devel is earlier than 0:7.07-33.2.el4_6.1
  • AND ghostscript-devel is signed with Red Hat master key
  • ghostscript-gtk is earlier than 0:7.07-33.2.el4_6.1
  • AND ghostscript-gtk is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • ghostscript is earlier than 0:8.15.2-9.1.el5_1.1
  • AND ghostscript is signed with Red Hat redhatrelease key
  • ghostscript-devel is earlier than 0:8.15.2-9.1.el5_1.1
  • AND ghostscript-devel is signed with Red Hat redhatrelease key
  • ghostscript-gtk is earlier than 0:8.15.2-9.1.el5_1.1
  • AND ghostscript-gtk is signed with Red Hat redhatrelease key
    • BACK