a2ps: fixed commandinjection in fixps
a2ps was updated to fix a security issue:
fixps called ghostscript without -dSAFER, enabling postscript files processed
by fixps to execute code on the system. (CVE-2014-0466)
-
Submitted by
Dr. Werner Fink (WernerFink)
Fixed bugs
bnc#871097
VUL-0: CVE-2014-0466: a2ps: fixps does not use -dSAFER
