Red Hat Bugzilla – Bug 165355
CAN-2005-2471 netpbm should use the -dSAFER option when calling Ghostscript
Last modified: 2013-07-02 19:08:28 EDT
+++ This bug was initially created as a clone of Bug #165354 +++
pstopnm in netpbm does not properly use the "-dSAFER" option when calling
Ghostscript to convert convert a PostScript file into a (1) PBM, (2) PGM, or (3)
PNM file, which allows external user-complicit attackers to execute arbitrary
The Debian bug report has more information:
This issue should also affect FC3
twaugh says we should probably use the -dPARANOIDSAFER to also protect against
I added the -dPARANOIDSAFER option to the pstopnm. All seems to work fine with
It's fixed in rawhide for now.
FC3/FC4 errata for this issue are now out.