An update for ghostscript is now available for Red Hat Enterprise Linux 6.Red Hat Product Security has rated this update as having a security impact ofModerate.

A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
The Ghostscript suite contains utilities for rendering PostScript and PDFdocuments.

Ghostscript translates PostScript code to common bitmap formats sothat the code can be displayed or printed.Security Fix(es):* It was found that the ghostscript functions getenv, filenameforall and.libfile did not honor the -dSAFER option, usually used when processinguntrusted documents, leading to information disclosure.

A specially craftedpostscript document could read environment variable, list directory and retrievefile content respectively, from the target. (CVE-2013-5653, CVE-2016-7977)* It was found that the ghostscript function .initialize_dsc_parser did notvalidate its parameter before using it, allowing a type confusion flaw.

Aspecially crafted postscript document could cause a crash code execution in thecontext of the gs process. (CVE-2016-7979)* It was found that ghostscript did not sufficiently check the validity ofparameters given to the .sethalftone5 function.

A specially crafted postscriptdocument could cause a crash, or execute arbitrary code in the context of the gsprocess. (CVE-2016-8602)
Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
ghostscript-8.70-21.el6_8.1.src.rpm
    MD5: 81d56cbe6c8263a5f249e43b303b42b4SHA-256: 93d8c3c006a706f94669d2ee89e64d7a196046398071c6ae75c5fcb086d50b01
 
IA-32:
ghostscript-8.70-21.el6_8.1.i686.rpm
    MD5: 19155a0d1e85fbe6fc2c241e635c103dSHA-256: e9e40df6b624eb8d702198b3b638d90ff168973fc866d594e7f1a4a8a05be4e8
ghostscript-debuginfo-8.70-21.el6_8.1.i686.rpm
    MD5: 304f5883bcab0374772cff9d30258684SHA-256: fc7ec49dc05323c95d7046c3aa86350d9efce7e7af58d67ae9188b528d3e6f84
ghostscript-devel-8.70-21.el6_8.1.i686.rpm
    MD5: 84df1f641517f545bfaa5f2eaab07ec3SHA-256: b3774a600c4393ae1b2e1fccf6b3ad36300ad9d7901351571ce9058f5c8f4434
ghostscript-doc-8.70-21.el6_8.1.i686.rpm
    MD5: 5946029000553d4b310add8ee14f3ee5SHA-256: 265c36bf2eb230e53305a9b484d12e582390eee9cd82581a0a91534e505f60b9
ghostscript-gtk-8.70-21.el6_8.1.i686.rpm
    MD5: c7785bd404b5505d997c58826ad2df8fSHA-256: 6e52c910b95c51e458624c904f40e92ca81b4a62893d4ea3f1c288bddb000252
 
x86_64:
ghostscript-8.70-21.el6_8.1.i686.rpm
    MD5: 19155a0d1e85fbe6fc2c241e635c103dSHA-256: e9e40df6b624eb8d702198b3b638d90ff168973fc866d594e7f1a4a8a05be4e8
ghostscript-8.70-21.el6_8.1.x86_64.rpm
    MD5: e506f44e430fbbbac5b759f9857009fdSHA-256: a24bddc68879a04519ab9bbe87429b0a8dcdee76db22ccbb59fb192a8e5645cf
ghostscript-debuginfo-8.70-21.el6_8.1.i686.rpm
    MD5: 304f5883bcab0374772cff9d30258684SHA-256: fc7ec49dc05323c95d7046c3aa86350d9efce7e7af58d67ae9188b528d3e6f84
ghostscript-debuginfo-8.70-21.el6_8.1.x86_64.rpm
    MD5: c5ac20885c82f658c22b576d5bd3df12SHA-256: a3cc5c4487083c81ddc1dd315f4fca4016b2fc47c04cacc480c45c0c3fffefda
ghostscript-devel-8.70-21.el6_8.1.i686.rpm
    MD5: 84df1f641517f545bfaa5f2eaab07ec3SHA-256: b3774a600c4393ae1b2e1fccf6b3ad36300ad9d7901351571ce9058f5c8f4434
ghostscript-devel-8.70-21.el6_8.1.x86_64.rpm
    MD5: ad57b2fd6d6edfb2c49c4a6505fad286SHA-256: 78c010d74f6123828bc1ae6488a0b402ffe3a5c381c2fbdd17ed6f89e5cbebf7
ghostscript-doc-8.70-21.el6_8.1.x86_64.rpm
    MD5: 9dd0accd925ba7f009f4a3b558b72150SHA-256: 8d60d3814c1739cd355b05b95b6faac6c640b599f2c73508cf38a2242a0b9f8d
ghostscript-gtk-8.70-21.el6_8.1.x86_64.rpm
    MD5: 872494212d2c89716513cb2d420f988bSHA-256: a9da58935fb7c7d5f63650f0930d1c66255a8e06d853c66fcd02d575ff09a018
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
ghostscript-8.70-21.el6_8.1.src.rpm
    MD5: 81d56cbe6c8263a5f249e43b303b42b4SHA-256: 93d8c3c006a706f94669d2ee89e64d7a196046398071c6ae75c5fcb086d50b01
 
x86_64:
ghostscript-8.70-21.el6_8.1.i686.rpm
    MD5: 19155a0d1e85fbe6fc2c241e635c103dSHA-256: e9e40df6b624eb8d702198b3b638d90ff168973fc866d594e7f1a4a8a05be4e8
ghostscript-8.70-21.el6_8.1.x86_64.rpm
    MD5: e506f44e430fbbbac5b759f9857009fdSHA-256: a24bddc68879a04519ab9bbe87429b0a8dcdee76db22ccbb59fb192a8e5645cf
ghostscript-debuginfo-8.70-21.el6_8.1.i686.rpm
    MD5: 304f5883bcab0374772cff9d30258684SHA-256: fc7ec49dc05323c95d7046c3aa86350d9efce7e7af58d67ae9188b528d3e6f84
ghostscript-debuginfo-8.70-21.el6_8.1.x86_64.rpm
    MD5: c5ac20885c82f658c22b576d5bd3df12SHA-256: a3cc5c4487083c81ddc1dd315f4fca4016b2fc47c04cacc480c45c0c3fffefda
ghostscript-devel-8.70-21.el6_8.1.i686.rpm
    MD5: 84df1f641517f545bfaa5f2eaab07ec3SHA-256: b3774a600c4393ae1b2e1fccf6b3ad36300ad9d7901351571ce9058f5c8f4434
ghostscript-devel-8.70-21.el6_8.1.x86_64.rpm
    MD5: ad57b2fd6d6edfb2c49c4a6505fad286SHA-256: 78c010d74f6123828bc1ae6488a0b402ffe3a5c381c2fbdd17ed6f89e5cbebf7
ghostscript-doc-8.70-21.el6_8.1.x86_64.rpm
    MD5: 9dd0accd925ba7f009f4a3b558b72150SHA-256: 8d60d3814c1739cd355b05b95b6faac6c640b599f2c73508cf38a2242a0b9f8d
ghostscript-gtk-8.70-21.el6_8.1.x86_64.rpm
    MD5: 872494212d2c89716513cb2d420f988bSHA-256: a9da58935fb7c7d5f63650f0930d1c66255a8e06d853c66fcd02d575ff09a018
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
ghostscript-8.70-21.el6_8.1.src.rpm
    MD5: 81d56cbe6c8263a5f249e43b303b42b4SHA-256: 93d8c3c006a706f94669d2ee89e64d7a196046398071c6ae75c5fcb086d50b01
 
IA-32:
ghostscript-8.70-21.el6_8.1.i686.rpm
    MD5: 19155a0d1e85fbe6fc2c241e635c103dSHA-256: e9e40df6b624eb8d702198b3b638d90ff168973fc866d594e7f1a4a8a05be4e8
ghostscript-debuginfo-8.70-21.el6_8.1.i686.rpm
    MD5: 304f5883bcab0374772cff9d30258684SHA-256: fc7ec49dc05323c95d7046c3aa86350d9efce7e7af58d67ae9188b528d3e6f84
ghostscript-devel-8.70-21.el6_8.1.i686.rpm
    MD5: 84df1f641517f545bfaa5f2eaab07ec3SHA-256: b3774a600c4393ae1b2e1fccf6b3ad36300ad9d7901351571ce9058f5c8f4434
ghostscript-doc-8.70-21.el6_8.1.i686.rpm
    MD5: 5946029000553d4b310add8ee14f3ee5SHA-256: 265c36bf2eb230e53305a9b484d12e582390eee9cd82581a0a91534e505f60b9
ghostscript-gtk-8.70-21.el6_8.1.i686.rpm
    MD5: c7785bd404b5505d997c58826ad2df8fSHA-256: 6e52c910b95c51e458624c904f40e92ca81b4a62893d4ea3f1c288bddb000252
 
PPC:
ghostscript-8.70-21.el6_8.1.ppc.rpm
    MD5: 613685386178f19812962855fec9b454SHA-256: 98b580f8ca6aead74e70114651e6321290e2c66c26e382f7863a3c10d22640c8
ghostscript-8.70-21.el6_8.1.ppc64.rpm
    MD5: 6fc2b174c704572193d191d3d913d2c7SHA-256: 1e14c1e46b3399c6d46dbe8f70b70cd841ebd90c0bc899343103c0d1e41a9060
ghostscript-debuginfo-8.70-21.el6_8.1.ppc.rpm
    MD5: 39b49a069a51cb6f7a0431c7393345eeSHA-256: eb3213701494e35c72ecb6ff3cefdaae8445992d45a55ebf0f9a8362966278f3
ghostscript-debuginfo-8.70-21.el6_8.1.ppc64.rpm
    MD5: 1e4dece763fd053e765002f932337356SHA-256: 72b03b4ea4571fe1267a456c5f8c9fecc29707eb752b6b5d9f3c19123ee37a12
ghostscript-devel-8.70-21.el6_8.1.ppc.rpm
    MD5: a4e1eaca33fd196367cfc3b5e4b015bdSHA-256: cc6bb087318a77177121f37c0d4590f3cbf1c0957b0958fd975b13419a260619
ghostscript-devel-8.70-21.el6_8.1.ppc64.rpm
    MD5: 40d488b01231f9fc0140da1060111196SHA-256: c408b75d5718d343b8145c97d11e3aa941fef7161a7353f9ef04b8da6c450a86
ghostscript-doc-8.70-21.el6_8.1.ppc64.rpm
    MD5: aaf26abb0c59369ae779f425c34ffcd8SHA-256: e540c512a4c860915a886280de290d2a85cb5fe05ba9df8de51dab4d1cafcf6a
ghostscript-gtk-8.70-21.el6_8.1.ppc64.rpm
    MD5: 4b12eb4223bbfb40e1335db28fcaa7a1SHA-256: ea52bf5b27a017c5c05ec57f986b3a6701d0de1eb7c4185055ab1e4688c36942
 
s390x:
ghostscript-8.70-21.el6_8.1.s390.rpm
    MD5: 80cf64a6cbc7afa8152e9366a5333789SHA-256: 03aee61cc511af36d26e9774740934449b1d8123068701f8d68e9d0557859c30
ghostscript-8.70-21.el6_8.1.s390x.rpm
    MD5: 416e9e257e2da0d613047d1e01d48debSHA-256: fde531367377525302f196a70f2b197013f0197e80a72c00cad3a834705aad44
ghostscript-debuginfo-8.70-21.el6_8.1.s390.rpm
    MD5: 9497ec94ed0e588a2959dceb843a99fdSHA-256: ea99d81125e60387f3c359af65fe9023b9f7f49e0f5c2e4816c383f1a2dd30af
ghostscript-debuginfo-8.70-21.el6_8.1.s390x.rpm
    MD5: 7f9a00d25883fd137438bd13b2841f08SHA-256: d7a7f5125c03d372b0cc96b7a48d185e8fbdc1352222bfc0950972d4d36123e1
ghostscript-devel-8.70-21.el6_8.1.s390.rpm
    MD5: 483540e6d9246349629f819ebb30e8fdSHA-256: aa6253552966ac91d4f8ba4db11664bdac1a7bcc83ab6471c83ed5805bf06122
ghostscript-devel-8.70-21.el6_8.1.s390x.rpm
    MD5: 6be9113af7db62431303bf0ea17fe76cSHA-256: 46abd60eca340a45b315e747ec512ebdd310dc1d1e12bb23f0f86a982e249982
ghostscript-doc-8.70-21.el6_8.1.s390x.rpm
    MD5: 40b1dcdadc05d4849db337066db200f6SHA-256: 29a55f2ee87e5ffcc640c1e9874c12763fbd5e3b18bee0bf42dc8da896971c19
ghostscript-gtk-8.70-21.el6_8.1.s390x.rpm
    MD5: b7b52392f2359ce0ea456442d7e845f3SHA-256: 0c4542b9d09439280f8c0912a921dd05ceb60e7304f75ab7df0aa2b3bdd21ecd
 
x86_64:
ghostscript-8.70-21.el6_8.1.i686.rpm
    MD5: 19155a0d1e85fbe6fc2c241e635c103dSHA-256: e9e40df6b624eb8d702198b3b638d90ff168973fc866d594e7f1a4a8a05be4e8
ghostscript-8.70-21.el6_8.1.x86_64.rpm
    MD5: e506f44e430fbbbac5b759f9857009fdSHA-256: a24bddc68879a04519ab9bbe87429b0a8dcdee76db22ccbb59fb192a8e5645cf
ghostscript-debuginfo-8.70-21.el6_8.1.i686.rpm
    MD5: 304f5883bcab0374772cff9d30258684SHA-256: fc7ec49dc05323c95d7046c3aa86350d9efce7e7af58d67ae9188b528d3e6f84
ghostscript-debuginfo-8.70-21.el6_8.1.x86_64.rpm
    MD5: c5ac20885c82f658c22b576d5bd3df12SHA-256: a3cc5c4487083c81ddc1dd315f4fca4016b2fc47c04cacc480c45c0c3fffefda
ghostscript-devel-8.70-21.el6_8.1.i686.rpm
    MD5: 84df1f641517f545bfaa5f2eaab07ec3SHA-256: b3774a600c4393ae1b2e1fccf6b3ad36300ad9d7901351571ce9058f5c8f4434
ghostscript-devel-8.70-21.el6_8.1.x86_64.rpm
    MD5: ad57b2fd6d6edfb2c49c4a6505fad286SHA-256: 78c010d74f6123828bc1ae6488a0b402ffe3a5c381c2fbdd17ed6f89e5cbebf7
ghostscript-doc-8.70-21.el6_8.1.x86_64.rpm
    MD5: 9dd0accd925ba7f009f4a3b558b72150SHA-256: 8d60d3814c1739cd355b05b95b6faac6c640b599f2c73508cf38a2242a0b9f8d
ghostscript-gtk-8.70-21.el6_8.1.x86_64.rpm
    MD5: 872494212d2c89716513cb2d420f988bSHA-256: a9da58935fb7c7d5f63650f0930d1c66255a8e06d853c66fcd02d575ff09a018
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
ghostscript-8.70-21.el6_8.1.src.rpm
    MD5: 81d56cbe6c8263a5f249e43b303b42b4SHA-256: 93d8c3c006a706f94669d2ee89e64d7a196046398071c6ae75c5fcb086d50b01
 
IA-32:
ghostscript-8.70-21.el6_8.1.i686.rpm
    MD5: 19155a0d1e85fbe6fc2c241e635c103dSHA-256: e9e40df6b624eb8d702198b3b638d90ff168973fc866d594e7f1a4a8a05be4e8
ghostscript-debuginfo-8.70-21.el6_8.1.i686.rpm
    MD5: 304f5883bcab0374772cff9d30258684SHA-256: fc7ec49dc05323c95d7046c3aa86350d9efce7e7af58d67ae9188b528d3e6f84
ghostscript-devel-8.70-21.el6_8.1.i686.rpm
    MD5: 84df1f641517f545bfaa5f2eaab07ec3SHA-256: b3774a600c4393ae1b2e1fccf6b3ad36300ad9d7901351571ce9058f5c8f4434
ghostscript-doc-8.70-21.el6_8.1.i686.rpm
    MD5: 5946029000553d4b310add8ee14f3ee5SHA-256: 265c36bf2eb230e53305a9b484d12e582390eee9cd82581a0a91534e505f60b9
ghostscript-gtk-8.70-21.el6_8.1.i686.rpm
    MD5: c7785bd404b5505d997c58826ad2df8fSHA-256: 6e52c910b95c51e458624c904f40e92ca81b4a62893d4ea3f1c288bddb000252
 
x86_64:
ghostscript-8.70-21.el6_8.1.i686.rpm
    MD5: 19155a0d1e85fbe6fc2c241e635c103dSHA-256: e9e40df6b624eb8d702198b3b638d90ff168973fc866d594e7f1a4a8a05be4e8
ghostscript-8.70-21.el6_8.1.x86_64.rpm
    MD5: e506f44e430fbbbac5b759f9857009fdSHA-256: a24bddc68879a04519ab9bbe87429b0a8dcdee76db22ccbb59fb192a8e5645cf
ghostscript-debuginfo-8.70-21.el6_8.1.i686.rpm
    MD5: 304f5883bcab0374772cff9d30258684SHA-256: fc7ec49dc05323c95d7046c3aa86350d9efce7e7af58d67ae9188b528d3e6f84
ghostscript-debuginfo-8.70-21.el6_8.1.x86_64.rpm
    MD5: c5ac20885c82f658c22b576d5bd3df12SHA-256: a3cc5c4487083c81ddc1dd315f4fca4016b2fc47c04cacc480c45c0c3fffefda
ghostscript-devel-8.70-21.el6_8.1.i686.rpm
    MD5: 84df1f641517f545bfaa5f2eaab07ec3SHA-256: b3774a600c4393ae1b2e1fccf6b3ad36300ad9d7901351571ce9058f5c8f4434
ghostscript-devel-8.70-21.el6_8.1.x86_64.rpm
    MD5: ad57b2fd6d6edfb2c49c4a6505fad286SHA-256: 78c010d74f6123828bc1ae6488a0b402ffe3a5c381c2fbdd17ed6f89e5cbebf7
ghostscript-doc-8.70-21.el6_8.1.x86_64.rpm
    MD5: 9dd0accd925ba7f009f4a3b558b72150SHA-256: 8d60d3814c1739cd355b05b95b6faac6c640b599f2c73508cf38a2242a0b9f8d
ghostscript-gtk-8.70-21.el6_8.1.x86_64.rpm
    MD5: 872494212d2c89716513cb2d420f988bSHA-256: a9da58935fb7c7d5f63650f0930d1c66255a8e06d853c66fcd02d575ff09a018
 
(The unlinked packages above are only available from the Red Hat Network)

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

Leave a Reply