Hi Didier,
Didier Link skribis:
> I've just released a gnu-ghostscript point release with the CVE patches
> adapted by Mark (really thanks !!!).
Thank you!
> For the CVE-2016-7977 I've see that the file concerned was modified in
> later release of gpl-ghostscript, I
Le 16/10/2016 à 17:47, Alex Vong a écrit :
> Hello,
>
> I notice the patch for CVE-2016-7977[0] handles the problem differently
> than GNU Ghostscript[1] does. Maybe you can take a look at it.
>
> [0]:
>
Hello,
I notice the patch for CVE-2016-7977[0] handles the problem differently
than GNU Ghostscript[1] does. Maybe you can take a look at it.
[0]:
http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=8abd22010eb4db0fb1b10e430d5f5d83e015ef70
[1]:
Hello all
I will review the Mark's patches and apply them for a security release
next week.
Thanks for your help !
Best regards
Didier
Le 15/10/2016 à 09:36, Mark H Weaver a écrit :
> l...@gnu.org (Ludovic Courtès) writes:
>
>> Hello Didier and all,
>>
>> We are wondering about the
l...@gnu.org (Ludovic Courtès) writes:
> Hello Didier and all,
>
> We are wondering about the applicability to GNU Ghostscript of the
> recent vulnerabilities discovered in AGPL Ghostscript:
>
> Alex Vong skribis:
>
>> Salvatore Bonaccorso writes:
>>
Hello Didier and all,
We are wondering about the applicability to GNU Ghostscript of the
recent vulnerabilities discovered in AGPL Ghostscript:
Alex Vong skribis:
> Salvatore Bonaccorso writes:
>
>>
On Wed, Oct 12, 2016 at 12:20:39PM -0400, Leo Famulari wrote:
> I don't know the relationship between GNU Ghostscript and "upstream"
> Ghostscript. Can anyone explain why GNU offers its own distribution?
Some history here:
https://en.wikipedia.org/wiki/Ghostscript#History
Hopefully the upstream
On Wed, Oct 12, 2016 at 11:29:07PM +0800, Alex Vong wrote:
> > Package: ghostscript
> > CVE ID : CVE-2013-5653 CVE-2016-7976 CVE-2016-7977 CVE-2016-7978
> > CVE-2016-7979 CVE-2016-8602
> > Debian Bug : 839118 839260 839841 839845 839846 840451
> >
> > Several
Hello,
Below are from the security announcement list:
Salvatore Bonaccorso writes:
> -
> Debian Security Advisory DSA-3691-1 secur...@debian.org
> https://www.debian.org/security/