Description
This update for ghostscript-library fixes the following issues:
- Multiple security vulnerabilities have been discovered where
ghostscript's "-dsafer" flag did not provide sufficient protection
against unintended access to the file system. Thus, a machine that would
process a specially crafted Postscript file would potentially leak
sensitive information to an attacker. (CVE-2013-5653, bsc#1001951)
- An incorrect reference count was found in .setdevice. This issue lead to
a use-after-free scenario, which could have been exploited for
denial-of-service or, possibly, arbitrary code execution attacks