1 Description: CVE-2014-0466: fixps does not invoke gs with -dSAFER
2 A malicious PostScript file could delete files with the privileges of
5 Bug-Debian: http://bugs.debian.org/742902
6 Author: Salvatore Bonaccorso <carnil@debian.org>
7 Last-Update: 2014-03-28
10 +++ b/contrib/fixps.in
14 $verbose "$program: making a full rewrite of the file ($gs)." >&2
15 - $gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
16 + $gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
20 --- a/contrib/fixps.m4
21 +++ b/contrib/fixps.m4
25 $verbose "$program: making a full rewrite of the file ($gs)." >&2
26 - $gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
27 + $gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;