ports/121283: [PATCH]print/ghostscript-gpl: fix security hole in 8.61
bf
bf2006a at yahoo.com
Sun Mar 2 12:20:03 UTC 2008
The following reply was made to PR ports/121283; it has been noted by GNATS.
From: bf <bf2006a at yahoo.com>
To: bug-followup at FreeBSD.org
Cc:
Subject: Re: ports/121283: [PATCH]print/ghostscript-gpl: fix security hole in 8.61
Date: Sun, 2 Mar 2008 04:14:54 -0800 (PST)
I should also mention that versions of ghostscript
prior to 8.61 may suffer from the remote security
vulnerability CVE-2007-2721 in the bundled jasper
code. See:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2721
This vulnerability has been fixed in the latest
ghostscript 8.61 source code tarballs, using a fix
from:
http://www.mail-archive.com/debian-bugs-rc@lists.debian.org/msg118235.html
This should probably also be noted in vuxml.
____________________________________________________________________________________
Looking for last minute shopping deals?
Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping
More information about the freebsd-ports-bugs
mailing list