Description: CVE-2014-0466: fixps does not invoke gs with -dSAFER
 A malicious PostScript file could delete files with the privileges of
 the invoking user.
Origin: vendor
Bug-Debian: http://bugs.debian.org/742902
Author: Salvatore Bonaccorso <carnil@debian.org>
Last-Update: 2014-03-28

--- a/contrib/fixps.in
+++ b/contrib/fixps.in
@@ -389,7 +389,7 @@
   	eval "$command" ;;
       gs)
         $verbose "$program: making a full rewrite of the file ($gs)." >&2
-  	$gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
+  	$gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
     esac
   )
 fi
--- a/contrib/fixps.m4
+++ b/contrib/fixps.m4
@@ -307,7 +307,7 @@
   	eval "$command" ;;
       gs)
         $verbose "$program: making a full rewrite of the file ($gs)." >&2
-  	$gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
+  	$gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
     esac
   )
 fi
t/'>about</a><a href='/guix/'>summary</a><a href='/guix/refs/?id=92bd81a96f4cac9d0fe628b82ffb1d127ad3e42f'>refs</a><a class='active' href='/guix/log/configure.ac'>log</a><a href='/guix/tree/configure.ac?id=92bd81a96f4cac9d0fe628b82ffb1d127ad3e42f'>tree</a><a href='/guix/commit/configure.ac?id=92bd81a96f4cac9d0fe628b82ffb1d127ad3e42f'>commit</a><a href='/guix/diff/configure.ac?id=92bd81a96f4cac9d0fe628b82ffb1d127ad3e42f'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/configure.ac'>
<input type='hidden' name='id' value='92bd81a96f4cac9d0fe628b82ffb1d127ad3e42f'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=92bd81a96f4cac9d0fe628b82ffb1d127ad3e42f'>root</a>/<a href='/guix/log/configure.ac?id=92bd81a96f4cac9d0fe628b82ffb1d127ad3e42f'>configure.ac</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/configure.ac?id=92bd81a96f4cac9d0fe628b82ffb1d127ad3e42f&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2023-10-22 20:35:15 -0400'>2023-10-22</span></td><td><a href='/guix/commit/configure.ac?id=4cf4dcb8b31274a8dfba6bae3a6826a1b521da3f'>teams: Adjust shebang to use 'guix repl'.</a><span class='msg-avail'>...</span></td><td>Maxim Cournoyer</td></tr>
<tr><td><span title='2023-09-26 17:36:58 +0200'>2023-09-26</span></td><td><a href='/guix/commit/configure.ac?id=f651a359691cbe4750f1fe8d14dd964f7971f916'>build: Add dependency on Git.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2022-07-03 14:12:32 +0200'>2022-07-03</span></td><td><a href='/guix/commit/configure.ac?id=4eaf90470f466b3fdab87f6961cb18bb348d433f'>etc: Add teams.scm.</a><span class='msg-avail'>...</span></td><td>Ricardo Wurmus</td></tr>
<tr><td><span title='2022-01-25 23:54:44 +0100'>2022-01-25</span></td><td><a href='/guix/commit/configure.ac?id=d582b399781f6fd80c63d07746524196603972e4'>build: Require Guile &gt;= 3.0.3.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2021-11-23 10:24:25 +0100'>2021-11-23</span></td><td><a href='/guix/commit/configure.ac?id=bdf5c16ac052af2ca9d5c3acc4acbc08fd9fdbea'>maint: "make dist" builds tarballs in 'ustar' format.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>

Age	Commit message (Expand)	Author
2023-10-22	teams: Adjust shebang to use 'guix repl'....	Maxim Cournoyer
2023-09-26	build: Add dependency on Git....	Ludovic Courtès
2022-07-03	etc: Add teams.scm....	Ricardo Wurmus
2022-01-25	build: Require Guile >= 3.0.3....	Ludovic Courtès
2021-11-23	maint: "make dist" builds tarballs in 'ustar' format....	Ludovic Courtès