Re: DLA-1792-1/ghostscript and cups-filters

To: debian-lts@lists.debian.org
Subject: Re: DLA-1792-1/ghostscript and cups-filters
From: Roberto C. Sánchez <roberto@debian.org>
Date: Sun, 19 May 2019 16:28:19 -0400
Message-id: <[🔎] 20190519202819.gopqb3eu4gidu4sw@connexer.com>
Mail-followup-to: Roberto C. Sánchez <roberto@debian.org>, debian-lts@lists.debian.org
In-reply-to: <[🔎] 20190519202314.GA28410@eldamar.local>
References: <[🔎] 20190519202314.GA28410@eldamar.local>

Hi Salvatore,

On Sun, May 19, 2019 at 10:23:14PM +0200, Salvatore Bonaccorso wrote:
> Hi Roberto
> 
> With the update of ghostscript in DLA 1792-1 for ghostscript pdfdict
> is hidden for the fix for CVE-2019-3839.
> 
> cups-filters used though this undocumented internal, so with the
> ghostscript update cups-filter will experience a functional
> regression. 
> 
> In unstable cups-filter was fixed shortly after the 9.27 update, for
> stable we issued a corresponding update for cups-filters following the
> ghostscript update as
> https://lists.debian.org/debian-security-announce/2019/msg00087.html .
> 
> Thus I think you will need to issue same update for cups-filters as
> well for jessie to not use pdfdict but rather runpdfbegin. This way
> cups-filters will work both with a fixed and unfixed ghostscript.
> 
> Please though double-check.
> 
Thanks for letting me know.  I will have a look as you suggest.

Regards,

-Roberto

-- 
Roberto C. Sánchez

Reply to:

Follow-Ups:
- Re: DLA-1792-1/ghostscript and cups-filters
  - From: Roberto C. Sánchez <roberto@debian.org>

References:
- DLA-1792-1/ghostscript and cups-filters
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: DLA-1792-1/ghostscript and cups-filters
Next by Date: Re: DLA-1792-1/ghostscript and cups-filters
Previous by thread: DLA-1792-1/ghostscript and cups-filters
Next by thread: Re: DLA-1792-1/ghostscript and cups-filters
Index(es):
- Date
- Thread