subject:"Bug#584069\: gimp\: Security bugs in ghostscript"

Bug#584069: gimp: Security bugs in ghostscript

2010-05-31 Thread paul . szabo

Dear Ari, Seems that you need to call gs with -P- also; and ensure any files (to read) passed as command-line arguments are "full pathnames". Pre-creating an empty directory and running gs there, as gv http://bugs.debian.org/583316 intends to do, might help. Cheers, Paul Paul Szabo p...@math

Bug#584069: gimp: Security bugs in ghostscript

2010-05-31 Thread Ari Pollak

On 05/31/2010 09:37 PM, Paul Szabo wrote: > This package suggests ghostscript, and may be affected. Please > evaluate the security of this package, and fix if needed. What do you suggest I fix? gimp already calls gs with -dSAFER. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.

Bug#584069: gimp: Security bugs in ghostscript

2010-05-31 Thread Paul Szabo

Package: gimp Version: 2.4.7-1 Severity: grave Tags: security Justification: user security hole Please note remote execute-any-code security bugs in ghostscript: http://bugs.debian.org/583183 This package suggests ghostscript, and may be affected. Please evaluate the security of this package,