oss-sec mailing list archives

Re: CVE request: ghostscript

From: Marc Deslauriers <marc.deslauriers () canonical com>
Date: Mon, 12 Jul 2010 13:24:56 -0400

On Mon, 2010-07-12 at 11:00 -0600, Vincent Danen wrote:

* [2010-07-12 12:48:35 -0400] Dan Rosenberg wrote:

I believe this is identical to CVE-2010-1869
(http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2010-1869).


They don't look identical to me.  Patches differ, upstream bugs differ.

Can't really do anything hands-on to test since the PoC attached to the
upstream bug is private.


The reproducer for CVE-2010-1869 does trigger it on 8.64 for me, but I
would consider it a separate issue.

Marc.


-- 
Marc Deslauriers
Ubuntu Security Engineer     | http://www.ubuntu.com/
Canonical Ltd.               | http://www.canonical.com/

Current thread:

CVE request: ghostscript Marc Deslauriers (Jul 12)
- Re: CVE request: ghostscript Dan Rosenberg (Jul 12)
  - Re: CVE request: ghostscript Vincent Danen (Jul 12)
    - Re: CVE request: ghostscript Dan Rosenberg (Jul 12)
    - Re: CVE request: ghostscript Marc Deslauriers (Jul 12)
    - Re: CVE request: ghostscript Josh Bressers (Jul 12)