Download
| Alert*
|
oval:org.secpod.oval:def:1601359
TeX Live embeds a copy of t1lib. The t1lib library allows you to rasterize bitmaps from PostScript Type 1 fonts. The following issues affect t1lib code:Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics files. If a specially-crafted font file was opened by ... oval:org.secpod.oval:def:1801753 Package [texlive] builds files after installation oval:org.secpod.oval:def:1801754 texlive is installed oval:org.secpod.oval:def:67456 texlive subpackages are installed oval:org.secpod.oval:def:1601373 An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex oval:org.secpod.oval:def:108589 The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font librari ... oval:org.secpod.oval:def:108667 The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font librari ... oval:org.secpod.oval:def:108855 The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font librari ... oval:org.secpod.oval:def:203301 texlive is installed oval:org.secpod.oval:def:500711 TeX Live is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent file as output. The texlive packages provide a number of utilities, including dvips. TeX Live embeds a copy of t1lib. The t1lib library allo ... oval:org.secpod.oval:def:1503684 Updated texlive packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are availa ... oval:org.secpod.oval:def:202228 TeX Live is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent file as output. The texlive packages provide a number of utilities, including dvips. TeX Live embeds a copy of t1lib. The t1lib library allo ... oval:org.secpod.oval:def:89050508 This update for texlive-filesystem fixes the following issues: Security issues fixed: - CVE-2020-8016: Fixed a race condition in the spec file . - CVE-2020-8017: Fixed a race condition on a cron job . oval:org.secpod.oval:def:89048891 This update for texlive fixes the following issues: * CVE-2023-32700: Fixed arbitrary code execution in LuaTeX . oval:org.secpod.oval:def:89048886 This update for texlive fixes the following issues: * CVE-2023-32700: Fixed arbitrary code execution in LuaTeX . oval:org.secpod.oval:def:89049037 This update for texlive fixes the following issues: * CVE-2023-32700: Fixed arbitrary code execution in LuaTeX . oval:org.secpod.oval:def:112210 The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font librari ... oval:org.secpod.oval:def:89049749 This update for texlive fixes the following issue: - CVE-2018-17407: Prevent buffer overflow when handling of Type 1 fonts allowed arbitrary code execution when a malicious font was loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex . oval:org.secpod.oval:def:1700517 An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex oval:org.secpod.oval:def:2600278 The texlive packages contain TeXLive, an implementation of TeX for Linux or UNIX systems. oval:org.secpod.oval:def:1506625 [9:20200406-26] - Resolves: #2209872, CVE-2023-32700 oval:org.secpod.oval:def:5800172 The texlive packages contain TeXLive, an implementation of TeX for Linux or UNIX systems. Security Fix: * texlive: arbitrary code execution allows document complied with older version For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related i ... oval:org.secpod.oval:def:1506617 [7:20180414-29] - Resolves: #2209869, CVE-2023-32700 oval:org.secpod.oval:def:89048880 This update for cups-filters, poppler, texlive fixes the following issues: cups-filters: * CVE-2023-24805: Fixed a remote code execution in the beh backend . texlive: * CVE-2023-32700: Fixed arbitrary code execution in LuaTeX . poppler: * Added missing header file goo/GooCheckedOps.h. Without it, ot ... oval:org.secpod.oval:def:89051768 This update for texlive fixes the following issues: * CVE-2023-46048: Fixed NULL pointer dereference in texk/web2c/pdftexdir/writet1.c * CVE-2023-46051: Fixed NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c |
