|Summary:||print/ghostscript9-agpl-base: Update to 9.26 (Fixes several security vulnerabilities)|
|Product:||Ports & Packages||Reporter:||Tijl Coosemans <tijl>|
|Component:||Individual Port(s)||Assignee:||Document Engineering Group (Nobody) <doceng>|
|Severity:||Affects Many People||CC:||bcr, ports-secteam|
Description Tijl Coosemans 2018-12-14 15:50:01 UTC
Created attachment 200119 [details] patch Another security update for ghostscript: https://www.ghostscript.com/doc/9.26/News.htm Also make openjpeg dependency optional and off by default because it's been vulnerable for a long time. Disable IJS option because print/hpijs, the last port that used it (afaik), has been removed.
Comment 1 Kubilay Kocak 2018-12-17 06:02:24 UTC
Pending (needs) VuXML entry
Comment 2 Tijl Coosemans 2018-12-22 17:33:01 UTC
Hey doceng, WAKE UP sleepy heads!! :P Seriously though this non-responsiveness is bad... I'm thinking of taking over maintainership.
Comment 3 Benedict Reuschling 2018-12-22 18:35:25 UTC
Hi Tijl, if you have the cycles to that an upgrade, that'd be great. At least, I don't have a problem with it and having an updated version with security fixes is good.
Comment 4 commit-hook 2018-12-23 19:41:35 UTC
A commit references this bug: Author: tijl Date: Sun Dec 23 19:41:21 UTC 2018 New revision: 488238 URL: https://svnweb.freebsd.org/changeset/ports/488238 Log: - Update to 9.26. - Make openjpeg dependency optional and off by default because it's been vulnerable for a long time. - Disable IJS option because print/hpijs, the last port that used it, has been removed. PR: 234013 Approved by: doceng (bcr) Changes: head/print/ghostscript9-agpl-base/Makefile head/print/ghostscript9-agpl-base/distinfo head/print/ghostscript9-agpl-base/pkg-plist head/print/ghostscript9-agpl-x11/Makefile