According to this posting [1] in oss-security: The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. Upstream bug is in [2], but not publicly accessible, it seems. [1] http://www.openwall.com/lists/oss-security/2018/04/19/5 [2] https://bugs.ghostscript.com/show_bug.cgi?id=699255
This upstream commit [1] fixes this bug (i.e. upstream 699255), which is included in 9.25. [1] http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
This issue was resolved and addressed in GLSA 201811-12 at https://security.gentoo.org/glsa/201811-12 by GLSA coordinator Aaron Bauman (b-man).
