[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: bug#32515: closed (Re: GNOME thumbnailing code execution vulnerabili
From: |
Leo Famulari |
Subject: |
Re: bug#32515: closed (Re: GNOME thumbnailing code execution vulnerabilities.) |
Date: |
Fri, 9 Apr 2021 14:40:53 -0400 |
On Fri, Apr 09, 2021 at 01:52:01PM +0000, GNU bug Tracking System wrote:
> Leo Famulari (26 Feb 2019) wrote:
> > Since this bug was filed, Ghostscript has received more scrutiny and
> > serious bugs continue to be found.
>
> I assume you meant ‘fixed’.
I don't know if I made a typo or not, but 'filed' is definitely the
correct interpretation; security researchers ignored postscript /
Ghostcript for a very long time, but it became a popular area of
research a few years ago.
Basically, Ghostscript is a decades-old C codebase implementing an even
older language specification. Caveat emptor.
Unlike some other similar codebases, like OpenSSL, the situation
regarding security researchers and vulnerability disclosure has not
really improved, as far as I can tell :/
signature.asc
Description: PGP signature
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: bug#32515: closed (Re: GNOME thumbnailing code execution vulnerabilities.),
Leo Famulari <=