USN-4092-1: Ghostscript vulnerability
12 August 2019
Ghostscript could be made to access files if it opened a specially crafted file.
- ghostscript - PostScript and PDF interpreter
Netanel Fisher discovered that the font handler in Ghostscript did not
properly restrict privileged calls when '-dSAFER' restrictions were in
effect. If a user or automated system were tricked into processing a
specially crafted file, a remote attacker could possibly use this issue to
access arbitrary files.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.