Am 01.10.18 um 06:13 schrieb Berkeley Roshan Churchill: > Package: ghostscript > Version: 9.06~dfsg-2+deb8u9 > Severity: grave > Justification: renders package unusable > > Dear Maintainer, > > * What led up to the situation? > > Ghostscript was upgraded to 9.06~dfsg-2+deb8u9 > > * What exactly did you do (or not do) that was effective (or > ineffective)? > > I tried running 'pdf2ps <filename>' on several PDF files, and in > several cases it failed. Attached is a file, bug.pdf, that illustrates > this problem. However, pdf2ps generally worked before the ghostscript > upgrade.
[...] Thank you for reporting this issue. I believe I have identified the problem and I will release an update that fixes it shortly. This bug was caused by an incomplete fix for CVE-2018-16543. In CVE-2018-16543.patch the line 0 mark /PageSize currentdevice /PageSize //.gsgetdeviceprop .dicttomark had to be changed to 0 mark /PageSize currentdevice /PageSize //.gsgetdeviceprop exec .dicttomark Regards, Markus
signature.asc
Description: OpenPGP digital signature