[Secure-testing-team] CVE-2010-2055
Moritz Muehlenhoff
jmm at inutil.org
Fri Dec 10 18:45:18 UTC 2010
On Thu, Dec 09, 2010 at 10:48:46PM -0500, Michael Gilbert wrote:
> I've isolated and applied the patches needed to fix CVE-2010-2055 in
> ghostscript. See attached debdiff.
>
> Would anyone be so kind to sponsor this? The package is at:
> http://mentors.debian.net/debian/pool/main/g/ghostscript/
I don't have time to sponsor this currently, but this should be
uploaded with urgency=low, since there's the potential that
applications rely on the old, broken behaviour.
I also remember that Jonas is still considering to introduce
Ghostscript 9.0 into Squeeze. Jonas, what's the current status?
Cheers,
Moritz
More information about the Secure-testing-team
mailing list