mirror of
https://git.busybox.net/buildroot.git
synced 2024-12-05 03:13:41 +08:00
93ef6997ae
- Fix CVE-2023-36664: Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix). - Fix CVE-2023-38559: A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs. - Fix CVE-2023-38560: An integer overflow flaw was found in pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format. https://ghostscript.readthedocs.io/en/gs10.02.0/News.html Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> |
||
---|---|---|
.. | ||
0001-Fix-build-without-BUILD_PDF.patch | ||
Config.in | ||
ghostscript.hash | ||
ghostscript.mk |