RLSA-2024:4000

See a problem?
Import Source
https://storage.googleapis.com/resf-osv-data/RLSA-2024:4000.json
JSON Data
https://api.osv.dev/v1/vulns/RLSA-2024:4000
Related
Published
2024-07-02T14:10:24.883859Z
Modified
2024-07-02T14:13:09.748366Z
Summary
Important: ghostscript security update
Details

The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.

Security Fix(es):

  • ghostscript: OPVP device arbitrary code execution via custom Driver library (CVE-2024-33871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.

References
Credits
    • Rocky Enterprise Software Foundation
    • Red Hat

Affected packages

Rocky Linux:8 / ghostscript

Package

Name
ghostscript
Purl
pkg:rpm/rocky-linux/ghostscript?distro=rocky-linux-8&epoch=0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0:9.27-13.el8_10