This bug was fixed in the package texlive-bin -
2019.20190605.51237-3ubuntu0.2
---
texlive-bin (2019.20190605.51237-3ubuntu0.2) focal-security; urgency=medium
* SECURITY UPDATE: sprintf mishandling in axohelp
- debian/patches/CVE-2019-18604.patch: fix overflow bugs in
This bug was fixed in the package texlive-bin -
2023.20230311.66589-6ubuntu0.1
---
texlive-bin (2023.20230311.66589-6ubuntu0.1) mantic-security; urgency=medium
* SECURITY UPDATE: heap overflow in ttfdump (LP: #2047912)
- debian/patches/CVE-2024-25262.diff: add overflow check to
This bug was fixed in the package texlive-bin -
2021.20210626.59705-1ubuntu0.2
---
texlive-bin (2021.20210626.59705-1ubuntu0.2) jammy-security; urgency=medium
* SECURITY UPDATE: arbitrary network requests via socket library
- debian/patches/CVE-2023-32668.patch: disable socket
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-25262
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to texlive-bin in Ubuntu.
https://bugs.launchpad.net/bugs/2047912
Title:
There is a heap buffer overflow in
Hello!
I got the CVE ID (CVE-2024-25262) for this issue.
Thanks
dongzhuo zhao 于2024年2月19日周一 11:03写道:
> Hello,I have reported this issue to TexLive and the maintenance team have
> confirmed this issue and fixed it. they want me reuest CVE ID by myself.
> And Iasrequest a CVE ID, but do not get
Hello,I have reported this issue to TexLive and the maintenance team have
confirmed this issue and fixed it. they want me reuest CVE ID by myself.
And Iasrequest a CVE ID, but do not get answer for this moment. If you
could accelerate this requesting process, that would be great!
George-Andrei
I have marked this bug as public because the public domain already
contains information about this TeX Live issue (as seen in the GitHub
issue and upstream changelog).
@dongzhuo, could you please contact the upstream (either in the existing
PR or via their mailing list) to confirm that they (1)
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to texlive-bin in Ubuntu.
https://bugs.launchpad.net/bugs/2047912
Title:
There is a heap buffer overflow in texlive-bin
8 matches
Mail list logo