Am 25.05.2026 um 12:17 schrieb Hilmar Preuße:
On 4/21/25 18:57, TaiYou wrote:
Hello,
A code injection vulnerability has been identified in MimeTeX, affecting version 1.76-1 and above. This issue has been assigned CVE-2024-40446.Yes, that issue is still open. I now have a patch, which solves/removes the vulnerability by completely disabling \mathtex.Would this be a acceptable solution?
Sorry, that was wrong: \mathtex can be re-enabled again, one just have to call the gcc correctly.
Hilmar
OpenPGP_signature.asc
Description: OpenPGP digital signature
