<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=utf-8" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Salvatore Bonaccorso pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/746fd10609775956653b6c9d4090d57e10e67853">746fd106</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2018-08-26T20:00:36Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Add temporary entry for ghostscript issues for -dSAFER sanbox bypasses

Actually each of the found issues should get CVE assigned, but MITRE has

not yet assigned CVEs, so for now tracking those issues under the

temporary item and BTS entry #907332.

CERT tracks this issue under: https://www.kb.cert.org/vuls/id/332928

Patches available as per

        http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b575e1ec

        http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=8e9ce501

        http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=241d9111

        http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=c432131c

        http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=e01e77a3

        http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0edd3d6c

        http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a054156d

        http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=0d390118

        http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=c3476dde

        http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b326a716

        http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=78911a01

        http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5516c614

Thanks: Nicolas Braud-Santoni for starting tracking those issues.

</pre>

</li>

</ul>

<h4>1 changed file:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/746fd10609775956653b6c9d4090d57e10e67853#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/746fd10609775956653b6c9d4090d57e10e67853">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Commit","url":"https://salsa.debian.org/security-tracker-team/security-tracker/commit/746fd10609775956653b6c9d4090d57e10e67853"}}</script>

</p>

</div>

</body>

</html>