CVE-2018-16539 (retired)

Priority
Description
In Artifex Ghostscript before 9.24, attackers able to supply crafted
PostScript files could use incorrect access checking in temp file handling
to disclose contents of files on the system otherwise not readable.
Notes
 mdeslaur> second commit fixes regression
Package
Upstream:released (9.22~dfsg-3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (9.10~dfsg-0ubuntu10.13)
Ubuntu 16.04 LTS (Xenial Xerus):released (9.18~dfsg~0-0ubuntu2.9)
Ubuntu 18.04 LTS (Bionic Beaver):released (9.22~dfsg+1-0ubuntu1.2)
Ubuntu 18.10 (Cosmic Cuttlefish):released (9.25~dfsg+1-0ubuntu1)
Patches:
Upstream:http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=a054156d425b4dbdaaa9fda4b5f1182b27598c2b
Upstream:http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=150c8f69646b854a99f35f27edaae012eb2e900f
More Information

Updated: 2019-03-26 12:27:11 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)