CLD-582 Details

Other IDs this deficiency may be known by:

CVE ID	CVE-2018-17961 (nvd) (mitre) (debian) (archlinux) (red hat) (suse) (ubuntu)
Other ID(s)

Basic Information:

Affected Package(s)	ghostscript
Deficiency Type	SECURITY
Date Created	2018-10-16 21:56:44
Date Last Modified	2018-12-31 11:00:54

Version Specific Information:

Cucumber 1.0 i686	waiting for upstream to publish patch
Cucumber 1.0 x86_64	waiting for upstream to publish patch

Cucumber 1.1 i686	fixed in ghostscript-9.26-i686-1
Cucumber 1.1 x86_64	fixed in ghostscript-9.26-x86_64-1 and ghostscript-lib_i686-9.26-lib_i686-1

Details:

Fixed by the following commits:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a6807394bd94
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a5a9bf8c6a63
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a54c9e61e7d0

Unfortunately, these commits are not easily backportable to ghostscript 9.25 
without risking regressions.