Comment 1 Thierry Carrez (RETIRED) 2004-11-30 03:30:07 UTC

If real, this *could* be exploited by using a malicious PDF file.

printing herd / x86 team : please test and mark 8.15 stable, as it seems to be stable anyway.

Comment 2 Heinrich Wendel (RETIRED) 2004-11-30 05:57:26 UTC

stable on x86

Comment 3 Luke Macken (RETIRED) 2004-11-30 11:41:08 UTC

Security, please vote on GLSA.

Comment 4 Thierry Carrez (RETIRED) 2004-11-30 12:07:14 UTC

Without more information, we won't issue a GLSA. Someone with time should reproduce and look at the diff to see what was fixed and if it's exploitable.

Comment 5 Sune Kloppenborg Jeppesen (RETIRED) 2004-11-30 23:30:33 UTC

Seems like a job for auditing.

Comment 6 Matthias Geerdsen (RETIRED) 2004-12-01 03:14:03 UTC

Yep, agreeing with comments #4, #5

Comment 7 Thierry Carrez (RETIRED) 2004-12-01 09:08:26 UTC

There are a lot of SEGV fixes in gs.
We'll suppose these are not exploitable, unless proves otherwise.
Switching to auditing as this package may be a nice target.

Comment 8 rob holland (RETIRED) 2005-03-10 12:20:43 UTC

fwiw the bug referenced below is a segfault due to a huge stack, can't see it being exploitable (not that I'm an expert).

Comment 9 rob holland (RETIRED) 2005-03-10 12:21:07 UTC

s/below/above/ ;)

Comment 10 Heinrich Wendel (RETIRED) 2005-03-14 11:06:41 UTC

so...

Comment 11 Thierry Carrez (RETIRED) 2005-03-14 12:02:38 UTC

so it's CLOSED as a fixed non-security issue.