]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 6098c19) | patch
ghostscript: fix CVE-2018-18284
authorHongxu Jia <hongxu.jia@windriver.com>
Mon, 5 Nov 2018 08:03:37 +0000 (16:03 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Tue, 6 Nov 2018 11:54:30 +0000 (11:54 +0000)
commit98ab5c5770d20b39bf3c58083f31f31838f2e940
tree6d9f5b21faec87fc81180c41ae491d887538b43ctree | snapshot
parent6098c19e1f179896af7013c4b5db3081549c97bccommit | diff
ghostscript: fix CVE-2018-18284

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a
sandbox protection mechanism via vectors involving the 1Policy
operator.

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-extended/ghostscript/files/0008-Make-.forceput-unavailable-from-.policyprocs-helper-.patch [new file with mode: 0644] blob
meta/recipes-extended/ghostscript/ghostscript_9.25.bb diff | blob | history
Mirror of the official openembedded-core repository