On Tue, Oct 09, 2018 at 10:46:04PM +0100, Ken Moffat via blfs-support wrote:
>
> For gs-9.25, apply the ghostscript-9.25-security_fixes-1.patch which
> is in lfs patches, and should be directly linked from the book when
> it is next rendered.
>
Apparently, those fixes are incomplete - they fixed the known
exploit, but other places in the code have now been fixed upstream
(but I do not have a PoC exploit to test any of this).
A -2 version of the patch will need to be produced, somewhen. For
the moment, this is not my personal priority.
ĸen
--
Is it about a bicycle ?
--
http://lists.linuxfromscratch.org/listinfo/blfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
