Fix CVE-2008-0411( http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0411 http://scary.beasts.org/security/CESA-2008-001.html ), using a Red Hat patch from: https://bugzilla.redhat.com/attachment.cgi?id=294020 and bump portrevision. The new version hasn't been in ports long, but I guess a vuxml entry should be added, to be on the safe side. Fix: Patch attached with submission follows:
I should mention that this security problem is said to exist with some ghostscript versions prior to 8.61. ____________________________________________________________________________________ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
I should also mention that versions of ghostscript prior to 8.61 may suffer from the remote security vulnerability CVE-2007-2721 in the bundled jasper code. See: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2721 This vulnerability has been fixed in the latest ghostscript 8.61 source code tarballs, using a fix from: http://www.mail-archive.com/debian-bugs-rc@lists.debian.org/msg118235.html This should probably also be noted in vuxml. ____________________________________________________________________________________ Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping
Responsible Changed From-To: freebsd-ports-bugs->rafan I'll take it.
rafan 2008-03-02 12:43:31 UTC FreeBSD ports repository Modified files: print/ghostscript-gpl Makefile.inc Added files: print/ghostscript-gpl/files patch-src__zicc.c Log: - Fix security issue PR: ports/121283 Security: CVE-2008-0411 Submitted by: bf <bf2006a at yahoo.com> Revision Changes Path 1.26 +2 -2 ports/print/ghostscript-gpl/Makefile.inc 1.1 +12 -0 ports/print/ghostscript-gpl/files/patch-src__zicc.c (new) _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed. Vuxml entry added. Thanks!