## 11_CAN-2004-1185.dpatch by Michael Fedrowitz <michaelf@debian.org>
## DP: Commented out code that will permit EPS files to be provided as
## DP: arbitrary programs to be executed. [CAN-2004-1185]
## DP: Patch provided by the Debian Security Team.
diff -urNad enscript-1.6.4/src/psgen.c /tmp/dpep.pWFdoz/enscript-1.6.4/src/psgen.c
--- enscript-1.6.4/src/psgen.c	2005-01-20 19:56:16.000000000 +0100
+++ /tmp/dpep.pWFdoz/enscript-1.6.4/src/psgen.c	2005-01-20 19:56:28.000000000 +0100
@@ -2385,9 +2385,10 @@
   MESSAGE (2, (stderr, "^@epsf=\"%s\"\n", token->u.epsf.filename));
 
   i = strlen (token->u.epsf.filename);
+  /*
   if (i > 0 && token->u.epsf.filename[i - 1] == '|')
     {
-      /* Read EPS data from pipe. */
+      / * Read EPS data from pipe. * /
       token->u.epsf.pipe = 1;
       token->u.epsf.filename[i - 1] = '\0';
       token->u.epsf.fp = popen (token->u.epsf.filename, "r");
@@ -2400,6 +2401,7 @@
 	}
     }
   else
+  */
     {
       char *filename;
 
