Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 724c9964 by Salvatore Bonaccorso at 2019-11-14T13:58:08Z Add CVE-2019-14869/ghostscript - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -14130,8 +14130,15 @@ CVE-2019-14871 RESERVED CVE-2019-14870 RESERVED -CVE-2019-14869 +CVE-2019-14869 [-dSAFER escape in .charkeys] RESERVED + - ghostscript <unfixed> + NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=485904772c5f0aa1140032746e5a0abfc40f4cef + NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701841 + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1768911 + NOTE: For recent versions (9.28~~rc1~dfsg-1) the issue is mitigated starting + NOTE: from http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=7ecbfda92b4c8dbf6f6c2bf8fc82020a29219eff + NOTE: which changed the access to file permissions. CVE-2019-14868 RESERVED CVE-2019-14867 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/724c996495ced13844e88466ea6b0a1f1ffded50 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/724c996495ced13844e88466ea6b0a1f1ffded50 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits