mirror of
https://github.com/godotengine/buildroot.git
synced 2026-01-01 13:49:03 +03:00
8879b99a50
CVE-2017-8291 - Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass
and remote command execution via a "/OutputFile (%pipe%" substring in a
crafted .eps document that is an input to the gs program, as exploited in
the wild in April 2017.
For more details, see https://bugzilla.suse.com/show_bug.cgi?id=1036453
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 874becfd01)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>