Please update to 10.01.1 which fixes CVE-2023-28879, and add a vulndb entry, see https://artifex.com/news/critical-security-vulnerability-fixed-in-ghostscript
Created attachment 241449 [details] Patch for ghostscript10 (port only) Poudriere testport OK - 12.4 amd64, 13.2 i386
Will test as well and give my consent.
(In reply to Daniel Engberg from comment #1) The patch works for me, please commit and MFH to 2023Q2. Thank you!
^Triage: reporter is committer, assign accordingly.
Also, please remember to add an entry to VuXML: https://docs.freebsd.org/en/books/porters-handbook/book/#security-notify-vuxml-testing cd security/vuxml && make newentry CVE_ID=CVE-2023-28879 should get you half way.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=83831bbefd984abe6b35bcaa13eb99f60a8fd470 commit 83831bbefd984abe6b35bcaa13eb99f60a8fd470 Author: Daniel Engberg <diizzy@FreeBSD.org> AuthorDate: 2023-04-13 19:18:19 +0000 Commit: Matthias Andree <mandree@FreeBSD.org> CommitDate: 2023-04-13 19:20:07 +0000 print/ghostscript10: update to 10.01.1 to fix Security: CVE-2023-28879 Security: 25872b25-da2d-11ed-b715-a1e76793953b PR: 270800 Approved by: Michael Osipov (maintainer) MFH: 2023Q2 print/ghostscript10/Makefile | 2 +- print/ghostscript10/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
A commit in branch 2023Q2 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=0d5a7e35c0d07e17650cfdcd58b0a0e7e815d7f2 commit 0d5a7e35c0d07e17650cfdcd58b0a0e7e815d7f2 Author: Daniel Engberg <diizzy@FreeBSD.org> AuthorDate: 2023-04-13 19:18:19 +0000 Commit: Matthias Andree <mandree@FreeBSD.org> CommitDate: 2023-04-13 19:20:39 +0000 print/ghostscript10: update to 10.01.1 to fix Security: CVE-2023-28879 Security: 25872b25-da2d-11ed-b715-a1e76793953b PR: 270800 Approved by: Michael Osipov (maintainer) MFH: 2023Q2 (cherry picked from commit 83831bbefd984abe6b35bcaa13eb99f60a8fd470) print/ghostscript10/Makefile | 2 +- print/ghostscript10/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)