-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-8273 2010-05-10 16:33:12 --------------------------------------------------------------------------------
Name : texlive Product : Fedora 11 Version : 2007 Release : 47.fc11 URL : http://tug.org/texlive/ Summary : Binaries for the TeX formatting system Description : TeXLive is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a printable file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or PlainTeX, since TeX by itself is not very user-friendly. Install texlive if you want to use the TeX text formatting system. Consider to install texlive-latex (a higher level formatting package which provides an easier-to-use interface for TeX). The TeX documentation is located in the texlive-doc package. -------------------------------------------------------------------------------- Update Information: Changes in this update: * fixes for CVE-2010-0739 and CVE-2010-1440 * adds missing defattr to filelists * fixes directory ownership of /var/lib/texmf/web2c * uses official tarball for jpatch * fixes post/postun scriptlets -------------------------------------------------------------------------------- ChangeLog: * Mon May 10 2010 Jindrich Novy <[email protected]> 2007-47 - fix CVE-2010-0739 and CVE-2010-1440 (#584795) - fix CVE-2010-0829 (#589607) - add missing defattr to filelists - fix directory ownership of /var/lib/texmf/web2c (#512459) - use official tarball for jpatch - fix post/postun scriptlets (#532466) * Fri Oct 23 2009 Jindrich Novy <[email protected]> 2007-46 - add missing dependency on kpathsea * Thu Oct 15 2009 Jindrich Novy <[email protected]> 2007-45 - make kpathsea not dependent on texlive - fix lacheck again (#451513) - fix dvips configuration (#467542) - update kpathsea description and summary (#519257) - use upstream patch to fix pool overflow CVE-2009-1284 (#492136) - don't complain if the pdvipsk hunks touching config.ps don't apply -------------------------------------------------------------------------------- References: [ 1 ] Bug #572941 - CVE-2010-0739 tetex, texlive: Integer overflow by processing special commands https://bugzilla.redhat.com/show_bug.cgi?id=572941 [ 2 ] Bug #586819 - CVE-2010-1440 tetex, texlive: Integer overflow by processing special commands https://bugzilla.redhat.com/show_bug.cgi?id=586819 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update texlive' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
