Control: severity -1 important Quoting Salvatore Bonaccorso (2019-11-14 22:47:49) > Source: ghostscript > Version: 9.50~dfsg-2 > Severity: grave > Tags: security upstream > Control: found -1 9.26a~dfsg-0+deb9u5 > Control: found -1 9.26a~dfsg-0+deb9u1 > Control: found -1 9.27~dfsg-2+deb10u2 > Control: found -1 9.27~dfsg-1 > Control: found -1 9.27~dfsg-3.1 > Control: fixed -1 9.26a~dfsg-0+deb9u6 > Control: fixed -1 9.27~dfsg-2+deb10u3 > > Hi, > > The following vulnerability was published for ghostscript. I can agree > the severity is not exaclty matching, as for 9.50 itself, it's not > anymore directly exploitable (unless with -dOLDSAFER). Still it cannot > be considred fixed, only after applying [1]. Lowering severity to avoid this blocking more grave security fixes entering testing. - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
Attachment:
signature.asc
Description: signature