Fedora 43 : texlive-base / xpdf (2025-7c5b6a3bcb)

The remote Fedora 43 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-7c5b6a3bcb advisory. Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs: CVE-2024-2971 CVE-2024-3247 CVE-2024-3248 CVE-2024-3900...

Fedora 42 : texlive-base / xpdf (2025-e72c726192)

The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2025-e72c726192 advisory. Update to 4.06. Lots of bugfixes, but notably, security fixes for the following CVEs: CVE-2024-2971 CVE-2024-3247 CVE-2024-3248 CVE-2024-3900...

NewStart CGSL MAIN 7.02 : texlive-base Vulnerability (NS-SA-2025-0137)

The remote NewStart CGSL host, running version MAIN 7.02, has texlive-base packages installed that are affected by a vulnerability: - LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua...

Fedora: Security Advisory for texlive-base (FEDORA-2023-d261122726)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 37 : texlive-base (2023-d261122726)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-d261122726 advisory. Fix CVE-2023-32700 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

Fedora: Security Advisory for texlive-base (FEDORA-2023-38094d905c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 38 : texlive-base (2023-38094d905c)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-38094d905c advisory. Fixes CVE-2023-32700. Also fixes issues with mptopdf.pl, thumb2pdf.pl, and mtxrun. Tenable has extracted the preceding description block directly fr...

Fedora: Security Advisory for texlive-base (FEDORA-2022-639b9d2b85)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 35 Update: texlive-base-20210325-44.fc35

The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font...

Fedora 30 : 7:texlive-base (2020-fa1956e637)

Resolve buffer overflow in TexOpen function, CVE-2019-19601 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additiona...

Fedora: Security Advisory for texlive-base (FEDORA-2020-fa1956e637)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 31 : 7:texlive-base (2020-bb5c663b83)

Resolve buffer overflow in TexOpen function, CVE-2019-19601 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additiona...

Fedora: Security Advisory for texlive-base (FEDORA-2020-bb5c663b83)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Debian: Security Advisory (DLA-847-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3401-1: TeX Live vulnerability

It was discovered that TeX Live incorrectly handled certain system commands. If a user were tricked into processing a specially crafted TeX file, a remote attacker could execute arbitrary code...

Debian DLA-847-1 : texlive-base security update

The TeX system allows for calling external programs from within the TeX source code. This has been restricted to a small set of programs since a long time ago. Unfortunately it turned out that one program in the list, mpost, allows in turn to specify other programs to be run, which allows arbitra...

[SECURITY] [DSA 3803-1] texlive-base security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3803-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 08, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3803-1] texlive-base security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3803-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 08, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DLA 847-1] texlive-base security update

Package : texlive-base Version : 2012.20120611-5+deb7u1 CVE ID : CVE-2016-10243 The TeX system allows for calling external programs from within the TeX source code. This has been restricted to a small set of programs since a long time ago. Unfortunately it turned out that one program in the list,...

Debian DSA-3803-1 : texlive-base - security update

It was discovered that texlive-base, the TeX Live package which provides the essential TeX programs and files, whitelists mpost as an external program to be run from within the TeX source code called \write18. Since mpost allows to specify other programs to be run, an attacker can take advantage ...