Bug#839118: ghostscript: CVE-2013-5653: getenv and filenameforall ignore -dSAFER

To: 839118@bugs.debian.org
Subject: Bug#839118: ghostscript: CVE-2013-5653: getenv and filenameforall ignore -dSAFER
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 12 Oct 2016 16:32:02 +0200
Message-id: <[🔎] 20161012143202.4gwsfgh3bt4ee6dd@eldamar.local>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 839118@bugs.debian.org
In-reply-to: <87eg43clfe.fsf@mid.deneb.enyo.de>
References: <87eg43clfe.fsf@mid.deneb.enyo.de>

Control: severity -1 serious

Rationale for severity increase: We ship DSA-3691-1 in jessie
containing the fix, and not having the security fix in stretch then
would be a regression.

Regards,
Salvatore

Reply to:

Prev by Date: Bug#840451: ghostscript: CVE-2016-8602
Next by Date: Processed: Re: Bug#839118: ghostscript: CVE-2013-5653: getenv and filenameforall ignore -dSAFER
Previous by thread: Bug#840451: marked as done (ghostscript: CVE-2016-8602)
Next by thread: Processed: Re: Bug#839118: ghostscript: CVE-2013-5653: getenv and filenameforall ignore -dSAFER
Index(es):
- Date
- Thread