Alexander E. Patrakov wrote these words on 03/24/08 10:30 CST: > Randy McMurchy wrote: >> The short answer is that ESP GS will probably stay in the book >> as is until after BLFS-6.3 has been released. > > Even though my FreeBSD installation received a security advisory (stack-based > buffer overflow) against a newer (8.61) GPL version of Ghostscript? See > http://scary.beasts.org/security/CESA-2008-001.html, it applies to Linux, too.
I suppose we're going to have to see what the fix was via GPL GS cvs/svn/git and prepare a patch. I would much rather patch ESP GS right now, than upgrade. Thanks for the link Alexander. What I read, zicc.c is the affected source file, but that could mean several headers and other source C files would need to be patched as well. It's another thing on the TODO list. In fact, a TRAC ticket would ensure it's not forgotten. -- Randy rmlscsi: [bogomips 1003.22] [GNU ld version 2.16.1] [gcc (GCC) 4.0.3] [GNU C Library stable release version 2.3.6] [Linux 2.6.14.3 i686] 10:44:00 up 36 days, 1:32, 1 user, load average: 0.13, 0.05, 0.02 -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
