Dear Sylvain,
> OK, so as far as I understand, we'd better pass '-dSAFER -P-' to
> 'ps2pdf' (which is AFAICS the only ghostscript script that's used in
> page-crunch).
My lenny /usr/bin/ps2pdf (really /usr/bin/ps2pdfwr) already includes
-dSAFER. Yes you could (should?) pass -P- to it. I expect th
OK, so as far as I understand, we'd better pass '-dSAFER -P-' to
'ps2pdf' (which is AFAICS the only ghostscript script that's used in
page-crunch).
David, what do you think?
- Sylvain
On Tue, Jun 01, 2010 at 11:14:06AM +1000, Paul Szabo wrote:
> Package: page-crunch
> Severity: grave
> Tags: sec
Package: page-crunch
Severity: grave
Tags: security
Justification: user security hole
Please note remote execute-any-code security bugs in ghostscript:
http://bugs.debian.org/583183
This package depends on ghostscript, and may be affected. Please
evaluate the security of this package, and fix
3 matches
Mail list logo
