Updated ghostscript packages fix security vulnerability
Publication date: 19 Oct 2023Modification date: 19 Oct 2023
Type: security
Affected Mageia releases : 8 , 9
CVE: CVE-2023-43115
Description
The updated packages fix a security vulnerability: In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. (CVE-2023-43115)
References
SRPMS
9/core
- ghostscript-10.00.0-6.3.mga9
8/core
- ghostscript-9.53.3-2.7.mga8