Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 10: FEDORA-2009-10730 Moderate: Texlive Buffer Overflow Fix

fedora
Calendar Grey November 12, 2009
Dist Fedora Esm H88
Announcement: Fedora 10 has released an update addressing key dependency issues and implementing vital security updates for texlive, which is set to improve overall performance.

Summary

TeXLive is an implementation of TeX for Linux or UNIX systems. TeX takes

a text file and a set of formatting commands as input and creates a

printable file as output. Usually, TeX is used in conjunction with

a higher level formatting package like LaTeX or PlainTeX, since TeX by

itself is not very user-friendly.

Install texlive if you want to use the TeX text formatting system. Consider

to install texlive-latex (a higher level formatting package which provides

an easier-to-use interface for TeX).

The TeX documentation is located in the texlive-doc package.

ChangeLog:

* Fri Oct 23 2009 Jindrich Novy 2007-46

- add missing dependency on kpathsea

* Thu Oct 15 2009 Jindrich Novy 2007-45

- make kpathsea not dependent on texlive

- fix lacheck again (#451513)

- fix dvips configuration (#467542)

- update kpathsea description and summary (#519257)

- use upstream patch to fix pool overflow CVE-2009-1284 (#492136)

- don't complain if the pdvipsk hunks touching config.ps don't apply

- avoid clashes with getline() from glibc

- texlive-east-asian now requires texlive-texmf-east-asian (#487258)

- do not attempt to remove old fonts via cron in /var/lib/texmf,

fonts are stored in ~/.texlive2007/texmf-var per-user

(#477833, #463975, #453468)

- use correct paths in brp-* post install scriptlets (#468179)

- fix build with gcc4.4

References:

[ 1 ] Bug #492136 - CVE-2009-1284 tetex, texlive: bibtex's invalid reads/writes when parsing big *.bib file

https://bugzilla.redhat.com/show_bug.cgi?id=492136

This update can be installed with the "yum" update program. Use

su -c 'yum update texlive' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

http://fedoraproject.org/keys

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory fedora buffer overflow security patch texlive

Change Log

References

Update Instructions

Severity
important
Lowest
Low
Medium
High
Critical

Name: texlive
Product: Fedora 10
Version: 2007
Release: 46.fc10
URL: http://tug.org/texlive/
Summary: Binaries for the TeX formatting system

Topics%20covered

Topics Covered

security advisory fedora buffer overflow security patch texlive

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here