| From 3e05c7c32c5672d8765db50c9640b7bc2831f039 Mon Sep 17 00:00:00 2001 |
| From: "David Kaspar [Dee'Kej]" <dkaspar@redhat.com> |
| Date: Fri, 7 Oct 2016 13:57:01 +0200 |
| Subject: [PATCH 1/2] Make sure 'dvipdf' is being run securely |
| |
| --- |
| lib/dvipdf | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| diff --git a/lib/dvipdf b/lib/dvipdf |
| index 802aeabc6..c92dfb0e6 100755 |
| --- a/lib/dvipdf |
| +++ b/lib/dvipdf |
| @@ -43,4 +43,4 @@ fi |
| |
| # We have to include the options twice because -I only takes effect if it |
| # appears before other options. |
| -exec dvips -Ppdf $DVIPSOPTIONS -q -f "$infile" | $GS_EXECUTABLE $OPTIONS -q -P- -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pdfwrite -sstdout=%stderr -sOutputFile="$outfile" $OPTIONS -c .setpdfwrite - |
| +exec dvips -R -Ppdf $DVIPSOPTIONS -q -f "$infile" | $GS_EXECUTABLE $OPTIONS -q -P- -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pdfwrite -sstdout=%stderr -sOutputFile="$outfile" $OPTIONS -c .setpdfwrite - |
| -- |
| 2.22.0.510.g264f2c817a-goog |
| |