Updated ghostscript packages fix security vulnerability
Publication date: 04 May 2018Modification date: 04 May 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2018-10194
Description
The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document (CVE-2018-10194).
References
SRPMS
5/core
- ghostscript-9.23-1.mga5
6/core
- ghostscript-9.23-1.mga6