{"affected":[{"ecosystem_specific":{"binaries":[{"ghostscript-fonts-other":"8.62-47.16.1","ghostscript-fonts-rus":"8.62-47.16.1","ghostscript-fonts-std":"8.62-47.16.1","ghostscript-library":"8.62-47.16.1","ghostscript-omni":"8.62-47.16.1","ghostscript-x11":"8.62-47.16.1","libgimpprint":"4.2.7-47.16.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Point of Sale 11 SP3","name":"ghostscript-library","purl":"pkg:rpm/suse/ghostscript-library&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"8.62-47.16.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"ghostscript-fonts-other":"8.62-47.16.1","ghostscript-fonts-rus":"8.62-47.16.1","ghostscript-fonts-std":"8.62-47.16.1","ghostscript-library":"8.62-47.16.1","ghostscript-omni":"8.62-47.16.1","ghostscript-x11":"8.62-47.16.1","libgimpprint":"4.2.7-47.16.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP4-LTSS","name":"ghostscript-library","purl":"pkg:rpm/suse/ghostscript-library&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"8.62-47.16.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for ghostscript-library fixes the following issues:\n\nSecurity issue fixed:\n\n- CVE-2019-3838: Fixed various bugs which allows to reenable and misuse system Postscript operators to read files from within Postscript files and send them with the help of e.g. the %pipe% to the attacker (bsc#1129186).\n","id":"SUSE-SU-2019:14155-1","modified":"2019-08-28T05:59:52Z","published":"2019-08-28T05:59:52Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2019/suse-su-201914155-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1129186"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-3838"}],"related":["CVE-2019-3838"],"summary":"Recommended update for ghostscript-library","upstream":["CVE-2019-3838"]}