Advisory ======== The ghostscript package has been updated to the latest release to keep up with the usual round of bug fixes, compatibility changes, and incremental improvements. References ========== https://www.ghostscript.com/doc/9.26/News.htm Files ===== The following has been uploaded to core/updates_testing ghostscript-doc-9.26-1.mga6 ghostscript-9.26-1.mga6 ghostscript-common-9.26-1.mga6 ghostscript-dvipdf-9.26-1.mga6 ghostscript-module-X-9.26-1.mga6 ghostscript-X-9.26-1.mga6 lib64gs9-9.26-1.mga6 lib64gs-devel-9.26-1.mga6 lib64ijs1-0.35-140.mga6 lib64ijs-devel-0.35-140.mga6 from ghostscript-9.26-1.mga6.src.rpm
*** Bug 23871 has been marked as a duplicate of this bug. ***
CC: (none) => luigiwalser
And comment from the dup: Ghostscript 9.26 has been released today (November 20), fixing more security issues: https://www.ghostscript.com/doc/9.26/History9.htm
Component: RPM Packages => SecurityCC: (none) => tmbQA Contact: (none) => security
There is already lib64ijs1-0.35-140.2.mga6 in core/updates so here is the modified list: Files ===== The following has been uploaded to core/updates_testing ghostscript-doc-9.26-1.1.mga6 ghostscript-9.26-1.1.mga6 ghostscript-common-9.26-1.1.mga6 ghostscript-dvipdf-9.26-1.1.mga6 ghostscript-module-X-9.26-1.1.mga6 ghostscript-X-9.26-1.1.mga6 lib(64)gs9-9.26-1.1.mga6 lib(64)gs-devel-9.26-1.1.mga6 lib(64)ijs1-0.35-142.1.mga6 lib(64)ijs-devel-0.35-142.1.mga6 from ghostscript-9.26-1.1.mga6.src.rpm
CC: (none) => nicolas.salgueroStatus: NEW => ASSIGNED
Ooops !!! 142 + 1 = 143 ! Files ===== The following has been uploaded to core/updates_testing ghostscript-doc-9.26-1.1.mga6 ghostscript-9.26-1.1.mga6 ghostscript-common-9.26-1.1.mga6 ghostscript-dvipdf-9.26-1.1.mga6 ghostscript-module-X-9.26-1.1.mga6 ghostscript-X-9.26-1.1.mga6 lib(64)gs9-9.26-1.1.mga6 lib(64)gs-devel-9.26-1.1.mga6 lib(64)ijs1-0.35-143.1.mga6 lib(64)ijs-devel-0.35-143.1.mga6 from ghostscript-9.26-1.1.mga6.src.rpm
On real hardware, Intel Core 2 Duo, Intel graphics, 64-bit Plasma system. Using qarepo, the following 5 packages are going to be installed: - ghostscript-9.26-1.1.mga6.x86_64 - ghostscript-common-9.26-1.1.mga6.x86_64 - ghostscript-module-X-9.26-1.1.mga6.x86_64 - lib64gs9-9.26-1.1.mga6.x86_64 - lib64ijs1-0.35-143.1.mga6.x86_64 All packages installed cleanly. Both Evince and hplip use ghostscript, so I loaded, in turn, a pdf file and a ps file into Evince, and printed a page of each on my HP Deskjet printer. No problems noted. Looks OK for 64-bit.
CC: (none) => andrewsfarmWhiteboard: (none) => MGA6-64-OK
In a 32-bit VirtualBox Plasma guest, all packages installed cleanly. Viewed a ps file and a pdf file in Evince, no problems noted. Did not test printing, as the printer is not available in this guest. Looks OK for 32-bit. Validating. Suggested advisory in the description, with the correct file list in Comment 4.
Keywords: (none) => validated_updateWhiteboard: MGA6-64-OK => MGA6-64-OK MGA6-32-OKCC: (none) => sysadmin-bugs
Lightening work, TJ! Advisoried from comments 0 & 4; but I changed its type to 'Bugfix' which looks more appropriate.
CC: (none) => lewyssmithKeywords: (none) => advisory
Lewis, this is a security update.
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0466.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED
*** Bug 23941 has been marked as a duplicate of this bug. ***
This update fixed CVE-2018-16863.
This update also fixed CVE-2018-19134 and CVE-2018-19409: https://access.redhat.com/errata/RHSA-2018:3834
This update also fixed CVE-2018-1947[5-8]: https://www.debian.org/security/2018/dsa-4346