+2009-12-27 Tim Retout <tim@retout.co.uk>
+
+ Apply patch
+
+ * psgen.c: Use PATH_MAX
+
+2009-12-27 Tim Retout <diocles@gnu.org>
+
+ Apply patch from Debian Security Team for CAN-2004-1184.
+
+ * gsint.h: Add shell_escape prototype.
+ * util.c (shell_escape): New function to escape filenames for
+ shell usage.
+ * util.c (is_open): Use shell_escape to expand command buffer.
+
+ * main.c (main): Use single quotes when building command string,
+ and use shell_escape to quote contents.
+
+ * util.c (escape_string): Check return code of xmalloc.
+
+ Apply patch from Werner Fink to address CVE-2008-3863,
+ CVE-2008-4306.
+
+ * psgen.c: Use PATH_MAX for various buffer sizes.
+ Replace several strcpy calls with memset and strncpy.
+
+2009-03-28 Tim Retout <diocles@gnu.org>
+
+ * psgen.c (recognize_eps_file): Remove ability to read EPS data
+ from a pipe, as this executes arbitrary commands. It has been
+ disabled in most distros for five years anyway. See
+ CAN-2004-1185.
+
+ * psgen.c (dump_ps_page_header): Use basename() and dirname() to
+ split path. Fixes a buffer overflow - see CAN-2004-1186.
+
+2009-01-25 Tim Retout <diocles@gnu.org>
+
+ * main.c (main): Respect $HOME when searching for ~/.enscriptrc
+