UbuntuUpdates.org

Package "libkpathsea6"

Name: libkpathsea6

Description:

TeX Live: path search library for TeX (runtime part)

Latest version: 2017.20170613.44572-8ubuntu0.2
Release: bionic (18.04)
Level: updates
Repository: main
Head package: texlive-bin
Homepage: http://www.tug.org/texlive/

Links


Download "libkpathsea6"


Other versions of "libkpathsea6" in Bionic

Repository Area Version
base main 2017.20170613.44572-8build1
security main 2017.20170613.44572-8ubuntu0.2

Changelog

Version: 2017.20170613.44572-8ubuntu0.2 2023-05-30 12:07:10 UTC

  texlive-bin (2017.20170613.44572-8ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Arbitrary Code Execution
    - debian/patches/CVE-2023-32700.patch: Fix improperly secured
      shell-escape in LuaTeX.
    - CVE-2023-32700

 -- Eduardo Barretto <email address hidden> Thu, 25 May 2023 16:25:13 +0200

Source diff to previous version
CVE-2023-32700 LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because lu

Version: 2017.20170613.44572-8ubuntu0.1 2018-10-11 20:06:21 UTC

  texlive-bin (2017.20170613.44572-8ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Arbitrary code execution
    - debian/patches/CVE-2018-17407.patch: fix in
      texk/dvipsk/writet1.c, texk/web2c/luatexdir/font/writet1.w,
      texk/web2c/pdftexdir/writet1.c.
    - CVE-2018-17407

 -- <email address hidden> (Leonidas S. Barbosa) Wed, 10 Oct 2018 08:37:47 -0300

CVE-2018-17407 An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling



About   -   Send Feedback to @ubuntu_updates