oss-sec mailing list archives
Re: CVE request: ghostscript and gv
From: Tomas Hoger <thoger () redhat com>
Date: Mon, 19 Jul 2010 11:12:12 +0200
On Sun, 30 May 2010 22:08:12 +0200 Bernhard R. Link wrote:
Gs's -P- not working (at least for gs_init.ps), is definitly a bug that needs to be fixed.
This should be fixed in upstream SVN now.
I personally would also suggest fixing gs to not look in the current directory by default (looking for important stuff in the current directory is really always a bad idea). I guess the problem is how to fix it.
Following commit should change default from -P to -P- : http://svn.ghostscript.com/viewvc?view=rev&revision=11494 Is this the approach other vendors are expecting to use? -- Tomas Hoger / Red Hat Security Response Team
Current thread:
- Re: CVE request: ghostscript and gv Tomas Hoger (Jul 19)
- <Possible follow-ups>
- Re: CVE request: ghostscript and gv Tomas Hoger (Aug 25)
- Re: CVE request: ghostscript and gv Ludwig Nussel (Aug 25)
- Re: CVE request: ghostscript and gv Tomas Hoger (Aug 26)
- Re: CVE request: ghostscript and gv Ludwig Nussel (Aug 25)