Re: bug#32515: closed (Re: GNOME thumbnailing code execution vulnerabili

help-debbugs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: bug#32515: closed (Re: GNOME thumbnailing code execution vulnerabili

From:	Leo Famulari
Subject:	Re: bug#32515: closed (Re: GNOME thumbnailing code execution vulnerabilities.)
Date:	Fri, 9 Apr 2021 14:40:53 -0400

On Fri, Apr 09, 2021 at 01:52:01PM +0000, GNU bug Tracking System wrote:
> Leo Famulari (26 Feb 2019) wrote:
> > Since this bug was filed, Ghostscript has received more scrutiny and
> > serious bugs continue to be found.
> 
> I assume you meant ‘fixed’.

I don't know if I made a typo or not, but 'filed' is definitely the
correct interpretation; security researchers ignored postscript /
Ghostcript for a very long time, but it became a popular area of
research a few years ago.

Basically, Ghostscript is a decades-old C codebase implementing an even
older language specification. Caveat emptor.

Unlike some other similar codebases, like OpenSSL, the situation
regarding security researchers and vulnerability disclosure has not
really improved, as far as I can tell :/

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

Re: bug#32515: closed (Re: GNOME thumbnailing code execution vulnerabilities.), Leo Famulari <=

Prev by Date: Add link to the ticket when someone reply
Next by Date: bug#47732: r-txdb-dmelanogaster-ucsc-dm6-ensgene.patch
Previous by thread: Add link to the ticket when someone reply
Next by thread: bug#47732: r-txdb-dmelanogaster-ucsc-dm6-ensgene.patch
Index(es):
- Date
- Thread