Control: close -1 Hi, Given that advi is meant purely for previewing and presenting DVIs, it is likely called on trusted inputs. In any case, I do not think it makes sense to keep around a 6 years old security bug. Best, nicoo On Tue, Jun 01, 2010 at 11:01:00AM +1000, Paul Szabo wrote: > Package: advi > Severity: grave > Tags: security > Justification: user security hole > > > Please note remote execute-any-code security bugs in ghostscript: > > http://bugs.debian.org/583183 > > This package depends on ghostscript, and may be affected. Please > evaluate the security of this package, and fix if needed. > > Thanks, > > Paul Szabo psz@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ > School of Mathematics and Statistics University of Sydney Australia
Attachment:
signature.asc
Description: PGP signature