Ubuntu security notices
USN-4111-1: Ghostscript vulnerabilities
USN-4111-1: Ghostscript vulnerabilities ghostscript vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Ghostscript could be made to access arbitrary files if it opened a specially crafted file. Software Description ghostscript – PostScript and PDF interpreter Details Hiroki Matsukuma discovered that the PDF interpreter in Ghostscript did not properly restrict privileged calls when ‘-dSAFER’ restrictions were in effect. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files. (CVE-2019-14811, CVE-2019-14812, CVE-2019-14813, CVE-2019-14817) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04 ghostscript – 9.26~dfsg+0-0ubuntu7.3 libgs9 – 9.26~dfsg+0-0ubuntu7.3 Ubuntu 18.04 LTS ghostscript – 9.26~dfsg+0-0ubuntu0.18.04.11 libgs9 – 9.26~dfsg+0-0ubuntu0.18.04.11 Ubuntu 16.04 LTS ghostscript – 9.26~dfsg+0-0ubuntu0.16.04.11 libgs9 [ more… ]