On Tue, Oct 09, 2018 at 10:46:04PM +0100, Ken Moffat via blfs-support wrote: > > For gs-9.25, apply the ghostscript-9.25-security_fixes-1.patch which > is in lfs patches, and should be directly linked from the book when > it is next rendered. > Apparently, those fixes are incomplete - they fixed the known exploit, but other places in the code have now been fixed upstream (but I do not have a PoC exploit to test any of this).
A -2 version of the patch will need to be produced, somewhen. For the moment, this is not my personal priority. ĸen -- Is it about a bicycle ? -- http://lists.linuxfromscratch.org/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page