Bug#839260: ghostscript: various sandbox bypasses
clone 839260 -1
retitle -1 ghostscript: .libfile doesn't check PermitFileReading array, allowing remote file disclosure
forwarded -1 http://bugs.ghostscript.com/show_bug.cgi?id=697169
retitle 839260 ghostscript: various userparams allow %pipe% in paths, allowing remote shell command execution
forwarded 839260 http://bugs.ghostscript.com/show_bug.cgi?id=697178
thanks
Hi
Hope I will not create a mess here. But on oss-security two distinct
CVE id's were requested for the respecive issues for those two
upstream bugs. So let's try to separate them here as well.
FTR, the CVE request is here:
http://www.openwall.com/lists/oss-security/2016/10/05/7
Regards,
Salvatore
Reply to: