[Buildroot] [PATCH] ghostscript: add upstream security fixes for CVE-2017-8291
Peter Korsgaard
peter at korsgaard.com
Mon May 1 07:17:07 UTC 2017
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> CVE-2017-8291 - Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass
> and remote command execution via a "/OutputFile (%pipe%" substring in a
> crafted .eps document that is an input to the gs program, as exploited in
> the wild in April 2017.
> For more details, see https://bugzilla.suse.com/show_bug.cgi?id=1036453
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2017.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list