Oval Definition:oval:org.opensuse.security:def:59452
Revision Date:2020-12-01Version:1
Title:Security update for ghostscript (Important)
Description:

This update for ghostscript to version 9.26 fixes the following issues:

Security issues fixed:

- CVE-2018-19475: Fixed bypass of an intended access restriction in psi/zdevice2.c (bsc#1117327) - CVE-2018-19476: Fixed bypass of an intended access restriction in psi/zicc.c (bsc#1117313) - CVE-2018-19477: Fixed bypass of an intended access restriction in psi/zfjbig2.c (bsc#1117274) - CVE-2018-19409: Check if another device is used correctly in LockSafetyParams (bsc#1117022) - CVE-2018-18284: Fixed potential sandbox escape through 1Policy operator (bsc#1112229) - CVE-2018-18073: Fixed leaks through operator in saved execution stacks (bsc#1111480) - CVE-2018-17961: Fixed a -dSAFER sandbox escape by bypassing executeonly (bsc#1111479) - CVE-2018-17183: Fixed a potential code injection by specially crafted PostScript files (bsc#1109105)

Version update to 9.26 (bsc#1117331):

- Security issues have been the primary focus - Minor bug fixes and improvements - For release summary see: http://www.ghostscript.com/doc/9.26/News.htm
Family:unixClass:patch
Status:Reference(s):1002734
1041447
1041470
1050896
1056996
1058058
1076957
1099658
1106284
1109105
1110785
1111479
1111480
1112229
1113769
1117022
1117274
1117313
1117327
1117331
1119687
1120843
1120885
1128829
1128963
1131543
1131565
1131576
1132374
1132472
1134537
1134596
1134848
1135281
1135603
1136424
1136446
1136586
1136935
1137586
1145092
1146358
1146359
1162202
1168994
1170170
1171186
1175626
1175656
CVE-2009-1273
CVE-2012-2673
CVE-2016-1000031
CVE-2016-10708
CVE-2016-9427
CVE-2017-14107
CVE-2017-9263
CVE-2017-9265
CVE-2017-9798
CVE-2018-17183
CVE-2018-17961
CVE-2018-17972
CVE-2018-18073
CVE-2018-18284
CVE-2018-19409
CVE-2018-19475
CVE-2018-19476
CVE-2018-19477
CVE-2018-20346
CVE-2018-20506
CVE-2018-7191
CVE-2019-10208
CVE-2019-11190
CVE-2019-11477
CVE-2019-11478
CVE-2019-11479
CVE-2019-11815
CVE-2019-11833
CVE-2019-11884
CVE-2019-12382
CVE-2019-18634
CVE-2019-3846
CVE-2019-5489
CVE-2019-8675
CVE-2019-8696
CVE-2020-10713
CVE-2020-12059
CVE-2020-12387
CVE-2020-12388
CVE-2020-12389
CVE-2020-12392
CVE-2020-12393
CVE-2020-12395
CVE-2020-6831
SUSE-SU-2017:2212-1
SUSE-SU-2017:2542-1
SUSE-SU-2017:2546-1
SUSE-SU-2018:4090-1
SUSE-SU-2019:0913-1
SUSE-SU-2019:1214-1
SUSE-SU-2019:2159-1
SUSE-SU-2019:3057-1
SUSE-SU-2020:1158-1
SUSE-SU-2020:1218-1
SUSE-SU-2020:2628-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • java-10-openjdk-10.0.1.0-lp150.1 is installed
  • OR java-10-openjdk-headless-10.0.1.0-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • cron-4.2-lp151.4.3 is installed
  • OR cronie-1.5.1-lp151.4.3 is installed
  • OR cronie-anacron-1.5.1-lp151.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ghostscript-9.26-23.16 is installed
  • OR ghostscript-x11-9.26-23.16 is installed
  • OR libspectre-0.2.7-12.4 is installed
  • OR libspectre1-0.2.7-12.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • openssh-7.2p2-74.25 is installed
  • OR openssh-askpass-gnome-7.2p2-74.25 is installed
  • OR openssh-fips-7.2p2-74.25 is installed
  • OR openssh-helpers-7.2p2-74.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND libgc1-7.2d-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.9 is installed
  • OR libssh2-1-32bit-1.4.3-20.9 is installed
  • OR libssh2_org-1.4.3-20.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.9 is installed
  • OR libssh2-1-32bit-1.4.3-20.9 is installed
  • OR libssh2_org-1.4.3-20.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_156-94_57-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_18-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libQtWebKit4-4.8.7+2.3.4-4.7 is installed
  • OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed
  • OR libqca2-2.0.3-17.7 is installed
  • OR libqca2-32bit-2.0.3-17.7 is installed
  • OR libqt4-4.8.7-8.8 is installed
  • OR libqt4-32bit-4.8.7-8.8 is installed
  • OR libqt4-devel-doc-4.8.7-8.8 is installed
  • OR libqt4-qt3support-4.8.7-8.8 is installed
  • OR libqt4-qt3support-32bit-4.8.7-8.8 is installed
  • OR libqt4-sql-4.8.7-8.8 is installed
  • OR libqt4-sql-32bit-4.8.7-8.8 is installed
  • OR libqt4-sql-mysql-4.8.7-8.8 is installed
  • OR libqt4-sql-plugins-4.8.7-8.8 is installed
  • OR libqt4-sql-sqlite-4.8.7-8.8 is installed
  • OR libqt4-x11-4.8.7-8.8 is installed
  • OR libqt4-x11-32bit-4.8.7-8.8 is installed
  • OR qt4-x11-tools-4.8.7-8.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • ghostscript-9.25-23.13 is installed
  • OR ghostscript-x11-9.25-23.13 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • ceph-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR ceph-common-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR librados2-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR librbd1-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR librgw2-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR python-rados-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR python-rbd-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR python-rgw-12.2.12+git.1587570958.35d78d0243-2.45 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr6.15-30.72 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr6.15-30.72 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr6.15-30.72 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr6.15-30.72 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • MozillaFirefox-68.8.0-109.119 is installed
  • OR MozillaFirefox-translations-common-68.8.0-109.119 is installed
    • BACK