Ubuntu

“texlive-bin” 2007.dfsg.1-2ubuntu0.1 source package in The Hardy Heron

Publishing history

2007.dfsg.1-2ubuntu0.1
PUBLISHED: Hardy pocket Updates in component main and section tex
  • Published on 2010-05-06
  • Copied from ubuntu hardy in Private PPA for Ubuntu Security Team
2007.dfsg.1-2ubuntu0.1
PUBLISHED: Hardy pocket Security in component main and section tex
  • Published on 2010-05-06
  • Copied from ubuntu hardy in Private PPA for Ubuntu Security Team

Builds

Changelog

texlive-bin (2007.dfsg.1-2ubuntu0.1) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via buffer overflow
    - debian/patches/security-CVE-2009-1284.patch: check for pool overflow
      in build/source/texk/web2c/bibtex.ch.
    - CVE-2009-1284
  * SECURITY UPDATE: arbitrary code execution via memory corruption
    (LP: #537103)
    - debian/patches/security-CVE-2010-0827.patch: make sure name isn't
      too long in build/source/texk/dvipsk/virtualfont.c.
    - CVE-2010-0827
  * SECURITY UPDATE: arbitrary code execution via integer overflow
    - debian/patches/security-CVE-2010-0739,1440.patch: make sure numbytes
      doesn't overflow in build/source/texk/dvipsk/dospecial.c.
    - CVE-2010-0739
    - CVE-2010-1440
 -- Marc Deslauriers <email address hidden>   Mon, 03 May 2010 09:17:58 -0400