ghostscript-9.54.0-18.el9_6
エラータID: AXSA:2025-10460:03
The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.
Security Fix(es):
* ghostscript: dangling pointer in gdev_prn_open_printer_seekable() (CVE-2023-46751)
* ghostscript: Buffer Overflow in Ghostscript PDF XRef Stream Handling (CVE-2024-46952)
* ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space (CVE-2024-46951)
* ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding (CVE-2024-46954)
* ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript (CVE-2024-46953)
* ghostscript: Out-of-Bounds Data Access in Ghostscript Leads to Arbitrary Code Execution (CVE-2024-46956)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2023-46751
An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer.
CVE-2024-46951
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.
CVE-2024-46952
An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).
CVE-2024-46953
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.
CVE-2024-46954
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
CVE-2024-46956
An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.
Update packages.
An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer.
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.
An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.
N/A
SRPMS
- ghostscript-9.54.0-18.el9_6.src.rpm
MD5: daf853ea718679877abaf712690c188c
SHA-256: 6bfe26a4093cd0b9135be480f164589323276bf87032e31700cef2deb9e8d9d6
Size: 53.48 MB
Asianux Server 9 for x86_64
- ghostscript-9.54.0-18.el9_6.i686.rpm
MD5: e25ae2943629b5d14bbfe80666548c8c
SHA-256: a9d68d9e536c21019af015ff70842fd93d70ebefae2714434dfd01ea15454516
Size: 44.34 kB - ghostscript-9.54.0-18.el9_6.x86_64.rpm
MD5: 27bb9f75520ed4ba3797ebd2a69ce30e
SHA-256: 9415f1e6a5184de8edb0e59fb60b49cbd87e8feeccea2aee882df9409c5cb520
Size: 44.15 kB - ghostscript-doc-9.54.0-18.el9_6.noarch.rpm
MD5: 6288406017b532f6aa8f9c0e0746c759
SHA-256: ef7deee3e52c6a7013853066f6b3b2c14986cd8ce3cf536271d8bb7fa6d1df53
Size: 7.78 MB - ghostscript-tools-dvipdf-9.54.0-18.el9_6.x86_64.rpm
MD5: 213276b32c4843b2ee6223eb0c8c0288
SHA-256: beb899aa2bb5dbb20522781def7c9ebdb6518e48a7b506a8d3e8685bb320bff4
Size: 10.73 kB - ghostscript-tools-fonts-9.54.0-18.el9_6.i686.rpm
MD5: 014da4b49d03a8bea1e8c7152bafd451
SHA-256: 009c2198982e4b968055f6eedf3d1dd96533a53ecfdf91335f3de5737cae84fa
Size: 11.73 kB - ghostscript-tools-fonts-9.54.0-18.el9_6.x86_64.rpm
MD5: 332a86438d3b04247f88d17243254223
SHA-256: 9b7ca150cd474d1a68a2f9fe2206d3acbd63fb4b6162b1f1d264f74244dd1d24
Size: 11.71 kB - ghostscript-tools-printing-9.54.0-18.el9_6.i686.rpm
MD5: d255e866c10fccc372adfabd0ca787c1
SHA-256: 16d6f09e28ee7a30265ea0402abe318556a4bd35bc936ca5a4e44246e8307a93
Size: 11.71 kB - ghostscript-tools-printing-9.54.0-18.el9_6.x86_64.rpm
MD5: 0c4d2c79d2613e0d96d39e687e68240c
SHA-256: 8437ca40d8fe9f8e4bc16125bc3664216a7a839814a23bc98abd56ad2dc931f9
Size: 11.69 kB - ghostscript-x11-9.54.0-18.el9_6.x86_64.rpm
MD5: 7a08155e1e90f2ba57e4df57ce7f5142
SHA-256: 25a12befe062e2938a574d9375fff5192cf9286f6b688c2452cdccf594752490
Size: 37.88 kB - libgs-9.54.0-18.el9_6.i686.rpm
MD5: 5163260168ac8caddf8da6984295ccbc
SHA-256: feff9c8a1e2d7e5dbe770cb5078c01ff58f23b477cd985ae8b12b6d65d86bd6c
Size: 3.32 MB - libgs-9.54.0-18.el9_6.x86_64.rpm
MD5: a7f16311fcda6296e124999e4139adad
SHA-256: 91de26db7e17774428eab2ed08c7ba6d8229b57ec54e0908b9b8d20725c50e3a
Size: 3.17 MB - libgs-devel-9.54.0-18.el9_6.i686.rpm
MD5: 82977477c61431bb2bb55470fecb968b
SHA-256: 78aa9ee24d207de4744922136c48388fa43ff793513a221f867725f7e9a38848
Size: 20.89 kB - libgs-devel-9.54.0-18.el9_6.x86_64.rpm
MD5: 1dabd846b139cb8a09017c59bce04771
SHA-256: 3eabbf278456ac213f2593ce61ffd80292236eb7706e63327e211abd97bcd8c1
Size: 20.87 kB
日本語