Description: CVE-2014-0466: fixps does not invoke gs with -dSAFER
 A malicious PostScript file could delete files with the privileges of
 the invoking user.
Origin: vendor
Bug-Debian: http://bugs.debian.org/742902
Author: Salvatore Bonaccorso <carnil@debian.org>
Last-Update: 2014-03-28

--- a/contrib/fixps.in
+++ b/contrib/fixps.in
@@ -389,7 +389,7 @@
   	eval "$command" ;;
       gs)
         $verbose "$program: making a full rewrite of the file ($gs)." >&2
-  	$gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
+  	$gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
     esac
   )
 fi
--- a/contrib/fixps.m4
+++ b/contrib/fixps.m4
@@ -307,7 +307,7 @@
   	eval "$command" ;;
       gs)
         $verbose "$program: making a full rewrite of the file ($gs)." >&2
-  	$gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
+  	$gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;;
     esac
   )
 fi
><a href='/guix/'>summary</a><a href='/guix/refs/?id=41a9a34805ee0b32d334b28a55dd1a72dd03485f'>refs</a><a class='active' href='/guix/log/README'>log</a><a href='/guix/tree/README?id=41a9a34805ee0b32d334b28a55dd1a72dd03485f'>tree</a><a href='/guix/commit/README?id=41a9a34805ee0b32d334b28a55dd1a72dd03485f'>commit</a><a href='/guix/diff/README?id=41a9a34805ee0b32d334b28a55dd1a72dd03485f'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/README'>
<input type='hidden' name='id' value='41a9a34805ee0b32d334b28a55dd1a72dd03485f'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=41a9a34805ee0b32d334b28a55dd1a72dd03485f'>root</a>/<a href='/guix/log/README?id=41a9a34805ee0b32d334b28a55dd1a72dd03485f'>README</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/README?id=41a9a34805ee0b32d334b28a55dd1a72dd03485f&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2021-05-20 01:58:04 +0200'>2021-05-20</span></td><td><a href='/guix/commit/README?id=c0087d33705f53cc3619a1a43a33602aaecc3a8b'>The #guix channel is hosted by Libera Chat.</a><span class='msg-avail'>...</span></td><td>Tobias Geerinckx-Rice</td></tr>
<tr><td><span title='2020-10-23 12:57:20 -0400'>2020-10-23</span></td><td><a href='/guix/commit/README?id=b5aaa3a4fb985d21e21e2a67f48b52f13ebd4728'>doc: Update README.</a><span class='msg-avail'>...</span></td><td>Maxim Cournoyer</td></tr>
<tr><td><span title='2020-10-22 22:47:54 -0400'>2020-10-22</span></td><td><a href='/guix/commit/README?id=503d2bfde08f9bf97bbf430516d2f19faedd4319'>README: Refer to the manual for building from Git.</a><span class='msg-avail'>...</span></td><td>Maxim Cournoyer</td></tr>
<tr><td><span title='2020-06-02 18:55:53 +0200'>2020-06-02</span></td><td><a href='/guix/commit/README?id=c75a80189fc19f6ff8b4c82d1d1801be6763b6d2'>doc: Update README to refer to the manual.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2019-11-09 23:04:14 +0100'>2019-11-09</span></td><td><a href='/guix/commit/README?id=0758a70cc008171f31c848128deca9803536fe60'>doc: Mention value /var to localstatedir option.</a><span class='msg-avail'>...</span></td><td>zimoun</td></tr>
<tr><td><span title='2019-09-04 23:41:07 +0200'>2019-09-04</span></td><td><a href='/guix/commit/README?id=f475c6e53e5b6912cc45663d50f1d03dadfb60b8'>doc: Update 'README'.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>