[Frugalware-git] homepage-ng: FSA657-tetex
Miklos Vajna
vmiklos at frugalware.org
Tue Apr 13 00:39:52 CEST 2010
Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=3b588f7c4cdbd2fd5e052e5cea7f4f6a8050fe3f
commit 3b588f7c4cdbd2fd5e052e5cea7f4f6a8050fe3f
Author: Miklos Vajna <vmiklos at frugalware.org>
Date: Tue Apr 13 00:29:54 2010 +0200
FSA657-tetex
diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml
index c5c400d..73b1aab 100644
--- a/frugalware/xml/security.xml
+++ b/frugalware/xml/security.xml
@@ -26,6 +26,23 @@
<fsas>
<fsa>
+ <id>657</id>
+ <date>2010-04-12</date>
+ <author>Miklos Vajna</author>
+ <package>tetex</package>
+ <vulnerable>3.0-18</vulnerable>
+ <unaffected>3.0-19locris1</unaffected>
+ <bts>http://bugs.frugalware.org/task/4153</bts>
+ <cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739</cve>
+ <desc>Marc Schoenefeld found an integer overflow in the way
+ TeX text formatting system processed special commands.
+ If a user was tricked into processing a specially-crafted
+ typesetter-independent .dvi (DeVice Independent) file,
+ it could lead to dvips executable crash or, potentially,
+ to arbitrary code execution with the privileges of the user
+ running dvips.</desc>
+ </fsa>
+ <fsa>
<id>656</id>
<date>2010-04-12</date>
<author>Miklos Vajna</author>
More information about the Frugalware-git
mailing list