Processing control commands:
> tags 839118 + patch
Bug #839118 {Done: Salvatore Bonaccorso <[email protected]>} [ghostscript]
ghostscript: CVE-2013-5653: getenv and filenameforall ignore -dSAFER
Added tag(s) patch.
> tags 839260 + patch
Bug #839260 {Done: Salvatore Bonaccorso <[email protected]>} [ghostscript]
ghostscript: CVE-2016-7976: various userparams allow %pipe% in paths, allowing
remote shell command execution
Added tag(s) patch.
> tags 839841 + patch
Bug #839841 {Done: Salvatore Bonaccorso <[email protected]>} [ghostscript]
ghostscript: CVE-2016-7977: .libfile doesn't check PermitFileReading array,
allowing remote file disclosure
Added tag(s) patch.
> tags 839845 + patch
Bug #839845 {Done: Salvatore Bonaccorso <[email protected]>} [src:ghostscript]
ghostscript: CVE-2016-7978: reference leak in .setdevice allows use-after-free
and remote code execution
Added tag(s) patch.
--
839118: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839118
839260: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839260
839841: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839841
839845: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839845
Debian Bug Tracking System
Contact [email protected] with problems
