[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#839260: ghostscript: various sandbox bypasses



clone 839260 -1
retitle -1 ghostscript: .libfile doesn't check PermitFileReading array, allowing remote file disclosure
forwarded -1 http://bugs.ghostscript.com/show_bug.cgi?id=697169
retitle 839260 ghostscript: various userparams allow %pipe% in paths, allowing remote shell command execution
forwarded 839260 http://bugs.ghostscript.com/show_bug.cgi?id=697178
thanks

Hi

Hope I will not create a mess here. But on oss-security two distinct
CVE id's were requested for the respecive issues for those two
upstream bugs. So let's try to separate them here as well.

FTR, the CVE request is here:
http://www.openwall.com/lists/oss-security/2016/10/05/7

Regards,
Salvatore


Reply to: