psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libgs9-dbgsym": "9.10~dfsg-0ubuntu10.13", "ghostscript-dbgsym": "9.10~dfsg-0ubuntu10.13", "ghostscript-dbg": "9.10~dfsg-0ubuntu10.13", "ghostscript-doc": "9.10~dfsg-0ubuntu10.13", "ghostscript-x": "9.10~dfsg-0ubuntu10.13", "libgs9": "9.10~dfsg-0ubuntu10.13", "ghostscript-x-dbgsym": "9.10~dfsg-0ubuntu10.13", "libgs-dev-dbgsym": "9.10~dfsg-0ubuntu10.13", "libgs9-common": "9.10~dfsg-0ubuntu10.13", "ghostscript": "9.10~dfsg-0ubuntu10.13", "libgs-dev": "9.10~dfsg-0ubuntu10.13" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libgs9-dbgsym": "9.18~dfsg~0-0ubuntu2.9", "ghostscript-dbgsym": "9.18~dfsg~0-0ubuntu2.9", "ghostscript-dbg": "9.18~dfsg~0-0ubuntu2.9", "ghostscript-doc": "9.18~dfsg~0-0ubuntu2.9", "ghostscript-x": "9.18~dfsg~0-0ubuntu2.9", "libgs9": "9.18~dfsg~0-0ubuntu2.9", "ghostscript-x-dbgsym": "9.18~dfsg~0-0ubuntu2.9", "libgs-dev-dbgsym": "9.18~dfsg~0-0ubuntu2.9", "libgs9-common": "9.18~dfsg~0-0ubuntu2.9", "ghostscript": "9.18~dfsg~0-0ubuntu2.9", "libgs-dev": "9.18~dfsg~0-0ubuntu2.9" } ] }