Not familiar with how ghostscript is used in ChromeOS, so I'm going to assume severity-medium (for RCE in sandboxed process + mitigating factor of printing?). please correct me if i'm wrong.

Actually marking Medium.

woops, thanks!

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/558065ab1ae93cfe9acf51da30e45de75ac84d38

commit 558065ab1ae93cfe9acf51da30e45de75ac84d38
Author: Andrew de los Reyes <adlr@chromium.org>
Date: Wed May 03 03:24:16 2017

app-text/ghostscript: Apply upstream patches to .eqproc and .rsdparams

Apply two patches from upstream.

BUG= chromium:717641 
TEST=Manually ran gs to convert PDF to PNG

Change-Id: Id0bc59663092b1f0b6b33c1a4e06f21518d7abaa
Reviewed-on: https://chromium-review.googlesource.com/494088
Commit-Ready: Andrew de los Reyes <adlr@chromium.org>
Tested-by: Andrew de los Reyes <adlr@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Reviewed-by: Chirantan Ekbote <chirantan@chromium.org>
Reviewed-by: Justin Carlson <justincarlson@chromium.org>

[modify] https://crrev.com/558065ab1ae93cfe9acf51da30e45de75ac84d38/app-text/ghostscript-gpl/ghostscript-gpl-9.19.ebuild
[add] https://crrev.com/558065ab1ae93cfe9acf51da30e45de75ac84d38/app-text/ghostscript-gpl/files/ghostscript-gpl-have-eqproc-check-its-parameters.patch
[add] https://crrev.com/558065ab1ae93cfe9acf51da30e45de75ac84d38/app-text/ghostscript-gpl/files/ghostscript-gpl-have-rsdparams-check-its-parameters.patch
[rename] https://crrev.com/558065ab1ae93cfe9acf51da30e45de75ac84d38/app-text/ghostscript-gpl/ghostscript-gpl-9.19-r7.ebuild

I'm not sure how to verify this

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot