ghostscript-10.05.0-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2025:16015 Final 1 1 2025-04-02T00:00:00Z current 2025-04-02T00:00:00Z 2025-04-02T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z ghostscript-10.05.0-1.1 on GA media These are all security issues fixed in the ghostscript-10.05.0-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2025-16015 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2025-27830/ SUSE CVE CVE-2025-27830 page https://www.suse.com/security/cve/CVE-2025-27831/ SUSE CVE CVE-2025-27831 page https://www.suse.com/security/cve/CVE-2025-27832/ SUSE CVE CVE-2025-27832 page https://www.suse.com/security/cve/CVE-2025-27833/ SUSE CVE CVE-2025-27833 page https://www.suse.com/security/cve/CVE-2025-27834/ SUSE CVE CVE-2025-27834 page https://www.suse.com/security/cve/CVE-2025-27835/ SUSE CVE CVE-2025-27835 page https://www.suse.com/security/cve/CVE-2025-27836/ SUSE CVE CVE-2025-27836 page https://www.suse.com/security/cve/CVE-2025-27837/ SUSE CVE CVE-2025-27837 page openSUSE Tumbleweed ghostscript-10.05.0-1.1 ghostscript-devel-10.05.0-1.1 ghostscript-x11-10.05.0-1.1 ghostscript-10.05.0-1.1 as a component of openSUSE Tumbleweed ghostscript-devel-10.05.0-1.1 as a component of openSUSE Tumbleweed ghostscript-x11-10.05.0-1.1 as a component of openSUSE Tumbleweed An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs during serialization of DollarBlend in a font, for base/write_t1.c and psi/zfapi.c. CVE-2025-27830 openSUSE Tumbleweed:ghostscript-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-devel-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-x11-10.05.0-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-27830.html CVE-2025-27830 https://bugzilla.suse.com/1240074 SUSE Bug 1240074 An issue was discovered in Artifex Ghostscript before 10.05.0. The DOCXWRITE TXTWRITE device has a text buffer overflow via long characters to devices/vector/doc_common.c. CVE-2025-27831 openSUSE Tumbleweed:ghostscript-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-devel-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-x11-10.05.0-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-27831.html CVE-2025-27831 https://bugzilla.suse.com/1240075 SUSE Bug 1240075 An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c. CVE-2025-27832 openSUSE Tumbleweed:ghostscript-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-devel-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-x11-10.05.0-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-27832.html CVE-2025-27832 https://bugzilla.suse.com/1240077 SUSE Bug 1240077 An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs for a long TTF font name to pdf/pdf_fmap.c. CVE-2025-27833 openSUSE Tumbleweed:ghostscript-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-devel-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-x11-10.05.0-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-27833.html CVE-2025-27833 https://bugzilla.suse.com/1240078 SUSE Bug 1240078 An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdf_func.c. CVE-2025-27834 openSUSE Tumbleweed:ghostscript-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-devel-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-x11-10.05.0-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-27834.html CVE-2025-27834 https://bugzilla.suse.com/1240079 SUSE Bug 1240079 An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c. CVE-2025-27835 openSUSE Tumbleweed:ghostscript-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-devel-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-x11-10.05.0-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-27835.html CVE-2025-27835 https://bugzilla.suse.com/1240080 SUSE Bug 1240080 An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c. CVE-2025-27836 openSUSE Tumbleweed:ghostscript-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-devel-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-x11-10.05.0-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-27836.html CVE-2025-27836 https://bugzilla.suse.com/1240081 SUSE Bug 1240081 An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gp_mswin.c and base/winrtsup.cpp. CVE-2025-27837 openSUSE Tumbleweed:ghostscript-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-devel-10.05.0-1.1 openSUSE Tumbleweed:ghostscript-x11-10.05.0-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2025-27837.html CVE-2025-27837 https://bugzilla.suse.com/1240082 SUSE Bug 1240082