Dear Ronald,
> I.e., you consider hyperlatex as "fixed" with regard to #584013 when
> "-P- -dSAFER" are added to the gs calls?
If you done that then I would not insist on keeping the bug open.
Whether "fixed", only you can tell: sorry I do not use hyperlatex
so cannot comment. (Please see the con
Hi,
On 06/01/2010 01:10 PM, paul.sz...@sydney.edu.au wrote:
>> (4) Please state clearly what's wrong with the package (hyperlatex in
>> this case). From the other bug reports I deduce that gs calls should be
>> extended with "-P- -dSAFER". This should be done in the hyperlatex
>> source package in
Dear Roland,
> (1) If ghostscript has a bug, maybe it should be fixed there instead of
> in all gs dependant packages?
Yes, but gs says "cannot fix" and "please use -P-".
> (2) Mass bug filing (esp. RC/security) is generally not a great idea,
> especially if
> (3) You haven't checked the individ
Hi,
On 06/01/2010 03:10 AM, Paul Szabo wrote:
> This package depends on ghostscript, and may be affected. Please
> evaluate the security of this package, and fix if needed.
There are several issues with this bug:
(1) If ghostscript has a bug, maybe it should be fixed there instead of
in all gs d
Package: hyperlatex
Severity: grave
Tags: security
Justification: user security hole
Please note remote execute-any-code security bugs in ghostscript:
http://bugs.debian.org/583183
This package depends on ghostscript, and may be affected. Please
evaluate the security of this package, and fix
5 matches
Mail list logo