Fedora 11: 2009-10857 Critical: Texlive Buffer Overflow Fix

TeXLive is an implementation of TeX for Linux or UNIX systems. TeX takes

a text file and a set of formatting commands as input and creates a

printable file as output. Usually, TeX is used in conjunction with

a higher level formatting package like LaTeX or PlainTeX, since TeX by

itself is not very user-friendly.

Install texlive if you want to use the TeX text formatting system. Consider

to install texlive-latex (a higher level formatting package which provides

an easier-to-use interface for TeX).

The TeX documentation is located in the texlive-doc package.

ChangeLog:

* Fri Oct 23 2009 Jindrich Novy 2007-46

- add missing dependency on kpathsea

* Thu Oct 15 2009 Jindrich Novy 2007-45

- make kpathsea not dependent on texlive

- fix lacheck again (#451513)

- fix dvips configuration (#467542)

- update kpathsea description and summary (#519257)

- use upstream patch to fix pool overflow CVE-2009-1284 (#492136)

- don't complain if the pdvipsk hunks touching config.ps don't apply

References:

[ 1 ] Bug #492136 - CVE-2009-1284 tetex, texlive: bibtex's invalid reads/writes when parsing big *.bib file

https://bugzilla.redhat.com/show_bug.cgi?id=492136

This update can be installed with the "yum" update program. Use

su -c 'yum update texlive' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

http://fedoraproject.org/keys

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/