Date: Thu, 17 Oct 2002 11:11:12 +0200 (CEST) From: Konrad Heuer <kheuer@gwdg.de> To: ports@freebsd.org Subject: GV security problem Message-ID: <20021017110243.U544-100000@gwdu60.gwdg.de>
next in thread | raw e-mail | index | archive | help
Maybe you already know about the bug discovered in GV code; otherwise please look at e.g.: http://online.securityfocus.com/advisories/4563 Short description: Zen-parse discovered a buffer overflow in gv, a PostScript and PDF viewer for X11. This problem is triggered by scanning the PostScript file and can be exploited by an attacker sending a malformed PostScript or PDF file. The attacker is able to cause arbitrary code to be run with the privileges of the victim. Do you expect a port update to be available soon? (Same problems holds true for ghostview afaik. Regards K. Heuer (kheuer@gwdg.de) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021017110243.U544-100000>