texlive is vulnerable to arbitrary code execution. A buffer overflow in t1_check_unusual_charstring function
in writet1.c
allows an attacker to execute arbitrary code on the system.
CPE | Name | Operator | Version |
---|---|---|---|
texlive | eq | 2012__43.20130427_r30134.el7 | |
texlive | eq | 2012__43.20130427_r30134.el7 |
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index
access.redhat.com/errata/RHSA-2020:1036
access.redhat.com/security/updates/classification/#moderate
github.com/TeX-Live/texlive-source/commit/6ed0077520e2b0da1fd060c7f88db7b2e6068e4c
lists.debian.org/debian-security-announce/2018/msg00230.html
usn.ubuntu.com/3788-1/
usn.ubuntu.com/3788-2/
www.debian.org/security/2018/dsa-4299