Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Ubuntu 18.04 LTS USN-3788-1 Severe: Texlive-bin Code Execution

ubuntu
Calendar Grey October 11, 2018
Dist Ubuntu Esm H88
Multiple security flaws in texlive-bin have been patched for Ubuntu, impacting versions 14.04, 16.04, and 18.04 LTS. Please ensure you update immediately.
Several security issues were fixed in Tex Live.

Summary

Several security issues were fixed in Tex Live.

Software Description:

- texlive-bin: TeX Live: path search library for TeX (development part)

Details:

Jakub Wilk discovered that Tex Live incorrectly handled certain files.

An attacker could possibly use this issue to execute arbitrary code.

This issue only affected Ubuntu 14.04 LTS. (CVE-2015-5700)

It was discovered that Tex Live incorrectly handled certain files.

An attacker could possibly use this issue to execute arbitrary code.

(CVE-2018-17407)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  texlive-binaries                2017.20170613.44572-8ubuntu0.1

Ubuntu 16.04 LTS:
  texlive-binaries                2015.20160222.37495-1ubuntu0.1

Ubuntu 14.04 LTS:
  texlive-binaries                2013.20130729.30972-2ubuntu0.1

In general, a standard system update will make all the necessary
changes.

References

  https://ubuntu.com/security/notices/USN-3788-1

  CVE-2015-5700, CVE-2018-17407

Severity
critical
Lowest
Low
Medium
High
Critical

October 11, 2018

Package Information

  https://launchpad.net/ubuntu/+source/texlive-bin/2017.20170613.44572-8ubuntu0.1
  https://launchpad.net/ubuntu/+source/texlive-bin/2015.20160222.37495-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/texlive-bin/2013.20130729.30972-2ubuntu0.1

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.