Advisories ยป MGASA-2018-0219

Updated ghostscript packages fix security vulnerability

Publication date: 04 May 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2018-10194

Description

The set_text_distance function in devices/vector/gdevpdts.c in the
pdfwrite component in Artifex Ghostscript through 9.22 does not prevent
overflows in text-positioning calculation, which allows remote attackers
to cause a denial of service (application crash) or possibly have
unspecified other impact via a crafted PDF document (CVE-2018-10194).
                

References

SRPMS

6/core

5/core