Login
Newsletter
Werbung
Sicherheit: Pufferüberlauf in texlive
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in texlive
ID: openSUSE-SU-2018:3213-1
Distribution: SUSE
Plattformen: openSUSE Leap 15.0
Datum: Do, 18. Oktober 2018, 07:46
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17407
Applikationen: TeX Live

Originalnachricht

 
   openSUSE Security Update: Security update for texlive
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2018:3213-1
Rating:             important
References:         #1109673 
Cross-References:   CVE-2018-17407
Affected Products:
                    openSUSE Leap 15.0
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for texlive fixes the following issue:

   - CVE-2018-17407: Prevent buffer overflow when handling of Type 1 fonts
     allowed arbitrary code execution when a malicious font was loaded by one
     of the vulnerable tools: pdflatex, pdftex, dvips, or luatex
     (bsc#1109673).

   This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended
 installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.0:

      zypper in -t patch openSUSE-2018-1196=1



Package List:

   - openSUSE Leap 15.0 (i586 x86_64):

      libkpathsea6-6.2.3-lp150.9.6.1
      libkpathsea6-debuginfo-6.2.3-lp150.9.6.1
      libptexenc1-1.3.5-lp150.9.6.1
      libptexenc1-debuginfo-1.3.5-lp150.9.6.1
      libsynctex1-1.18-lp150.9.6.1
      libsynctex1-debuginfo-1.18-lp150.9.6.1
      libtexlua52-5-5.2.4-lp150.9.6.1
      libtexlua52-5-debuginfo-5.2.4-lp150.9.6.1
      libtexluajit2-2.1.0beta2-lp150.9.6.1
      libtexluajit2-debuginfo-2.1.0beta2-lp150.9.6.1
      texlive-2017.20170520-lp150.9.6.1
      texlive-a2ping-bin-2017.20170520.svn27321-lp150.9.6.1
      texlive-accfonts-bin-2017.20170520.svn12688-lp150.9.6.1
      texlive-adhocfilelist-bin-2017.20170520.svn28038-lp150.9.6.1
      texlive-afm2pl-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-afm2pl-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-aleph-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-aleph-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-amstex-bin-2017.20170520.svn3006-lp150.9.6.1
      texlive-arara-bin-2017.20170520.svn29036-lp150.9.6.1
      texlive-asymptote-bin-2017.20170520.svn43843-lp150.9.6.1
      texlive-asymptote-bin-debuginfo-2017.20170520.svn43843-lp150.9.6.1
      texlive-authorindex-bin-2017.20170520.svn18790-lp150.9.6.1
      texlive-autosp-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-autosp-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-bibexport-bin-2017.20170520.svn16219-lp150.9.6.1
      texlive-bibtex-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-bibtex-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-bibtex8-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-bibtex8-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-bibtexu-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-bibtexu-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-bin-devel-2017.20170520-lp150.9.6.1
      texlive-bundledoc-bin-2017.20170520.svn17794-lp150.9.6.1
      texlive-cachepic-bin-2017.20170520.svn15543-lp150.9.6.1
      texlive-checkcites-bin-2017.20170520.svn25623-lp150.9.6.1
      texlive-checklistings-bin-2017.20170520.svn38300-lp150.9.6.1
      texlive-chktex-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-chktex-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-cjk-gs-integrate-bin-2017.20170520.svn37223-lp150.9.6.1
      texlive-cjkutils-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-cjkutils-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-context-bin-2017.20170520.svn34112-lp150.9.6.1
      texlive-convbkmk-bin-2017.20170520.svn30408-lp150.9.6.1
      texlive-crossrefware-bin-2017.20170520.svn43866-lp150.9.6.1
      texlive-cslatex-bin-2017.20170520.svn3006-lp150.9.6.1
      texlive-csplain-bin-2017.20170520.svn33902-lp150.9.6.1
      texlive-ctanify-bin-2017.20170520.svn24061-lp150.9.6.1
      texlive-ctanupload-bin-2017.20170520.svn23866-lp150.9.6.1
      texlive-ctie-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-ctie-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-cweb-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-cweb-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-cyrillic-bin-bin-2017.20170520.svn29741-lp150.9.6.1
      texlive-de-macro-bin-2017.20170520.svn17399-lp150.9.6.1
      texlive-debuginfo-2017.20170520-lp150.9.6.1
      texlive-debugsource-2017.20170520-lp150.9.6.1
      texlive-detex-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-detex-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-dosepsbin-bin-2017.20170520.svn24759-lp150.9.6.1
      texlive-dtl-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-dtl-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-dtxgen-bin-2017.20170520.svn29031-lp150.9.6.1
      texlive-dviasm-bin-2017.20170520.svn8329-lp150.9.6.1
      texlive-dvicopy-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-dvicopy-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-dvidvi-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-dvidvi-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-dviinfox-bin-2017.20170520.svn44515-lp150.9.6.1
      texlive-dviljk-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-dviljk-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-dvipdfmx-bin-2017.20170520.svn40273-lp150.9.6.1
      texlive-dvipng-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-dvipng-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-dvipos-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-dvipos-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-dvips-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-dvips-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-dvisvgm-bin-2017.20170520.svn40987-lp150.9.6.1
      texlive-dvisvgm-bin-debuginfo-2017.20170520.svn40987-lp150.9.6.1
      texlive-ebong-bin-2017.20170520.svn21000-lp150.9.6.1
      texlive-eplain-bin-2017.20170520.svn3006-lp150.9.6.1
      texlive-epspdf-bin-2017.20170520.svn29050-lp150.9.6.1
      texlive-epstopdf-bin-2017.20170520.svn18336-lp150.9.6.1
      texlive-exceltex-bin-2017.20170520.svn25860-lp150.9.6.1
      texlive-fig4latex-bin-2017.20170520.svn14752-lp150.9.6.1
      texlive-findhyph-bin-2017.20170520.svn14758-lp150.9.6.1
      texlive-fontinst-bin-2017.20170520.svn29741-lp150.9.6.1
      texlive-fontools-bin-2017.20170520.svn25997-lp150.9.6.1
      texlive-fontware-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-fontware-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-fragmaster-bin-2017.20170520.svn13663-lp150.9.6.1
      texlive-getmap-bin-2017.20170520.svn34971-lp150.9.6.1
      texlive-glossaries-bin-2017.20170520.svn37813-lp150.9.6.1
      texlive-gregoriotex-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-gregoriotex-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-gsftopk-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-gsftopk-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-jadetex-bin-2017.20170520.svn3006-lp150.9.6.1
      texlive-kotex-utils-bin-2017.20170520.svn32101-lp150.9.6.1
      texlive-kpathsea-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-kpathsea-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-kpathsea-devel-6.2.3-lp150.9.6.1
      texlive-lacheck-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-lacheck-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-latex-bin-bin-2017.20170520.svn14050-lp150.9.6.1
      texlive-latex-git-log-bin-2017.20170520.svn30983-lp150.9.6.1
      texlive-latex-papersize-bin-2017.20170520.svn42296-lp150.9.6.1
      texlive-latex2man-bin-2017.20170520.svn13663-lp150.9.6.1
      texlive-latex2nemeth-bin-2017.20170520.svn42300-lp150.9.6.1
      texlive-latexdiff-bin-2017.20170520.svn16420-lp150.9.6.1
      texlive-latexfileversion-bin-2017.20170520.svn25012-lp150.9.6.1
      texlive-latexindent-bin-2017.20170520.svn32150-lp150.9.6.1
      texlive-latexmk-bin-2017.20170520.svn10937-lp150.9.6.1
      texlive-latexpand-bin-2017.20170520.svn27025-lp150.9.6.1
      texlive-lcdftypetools-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-lcdftypetools-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-lilyglyphs-bin-2017.20170520.svn31696-lp150.9.6.1
      texlive-listbib-bin-2017.20170520.svn26126-lp150.9.6.1
      texlive-listings-ext-bin-2017.20170520.svn15093-lp150.9.6.1
      texlive-lollipop-bin-2017.20170520.svn41465-lp150.9.6.1
      texlive-ltxfileinfo-bin-2017.20170520.svn29005-lp150.9.6.1
      texlive-ltximg-bin-2017.20170520.svn32346-lp150.9.6.1
      texlive-lua2dox-bin-2017.20170520.svn29053-lp150.9.6.1
      texlive-luaotfload-bin-2017.20170520.svn34647-lp150.9.6.1
      texlive-luatex-bin-2017.20170520.svn44549-lp150.9.6.1
      texlive-luatex-bin-debuginfo-2017.20170520.svn44549-lp150.9.6.1
      texlive-lwarp-bin-2017.20170520.svn43292-lp150.9.6.1
      texlive-m-tx-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-m-tx-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-make4ht-bin-2017.20170520.svn37750-lp150.9.6.1
      texlive-makedtx-bin-2017.20170520.svn38769-lp150.9.6.1
      texlive-makeindex-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-makeindex-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-match_parens-bin-2017.20170520.svn23500-lp150.9.6.1
      texlive-mathspic-bin-2017.20170520.svn23661-lp150.9.6.1
      texlive-metafont-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-metafont-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-metapost-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-metapost-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-mex-bin-2017.20170520.svn3006-lp150.9.6.1
      texlive-mf2pt1-bin-2017.20170520.svn23406-lp150.9.6.1
      texlive-mflua-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-mflua-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-mfware-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-mfware-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-mkgrkindex-bin-2017.20170520.svn14428-lp150.9.6.1
      texlive-mkjobtexmf-bin-2017.20170520.svn8457-lp150.9.6.1
      texlive-mkpic-bin-2017.20170520.svn33688-lp150.9.6.1
      texlive-mltex-bin-2017.20170520.svn3006-lp150.9.6.1
      texlive-mptopdf-bin-2017.20170520.svn18674-lp150.9.6.1
      texlive-multibibliography-bin-2017.20170520.svn30534-lp150.9.6.1
      texlive-musixtex-bin-2017.20170520.svn37026-lp150.9.6.1
      texlive-musixtnt-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-musixtnt-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-omegaware-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-omegaware-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-patgen-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-patgen-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-pax-bin-2017.20170520.svn10843-lp150.9.6.1
      texlive-pdfbook2-bin-2017.20170520.svn37537-lp150.9.6.1
      texlive-pdfcrop-bin-2017.20170520.svn14387-lp150.9.6.1
      texlive-pdfjam-bin-2017.20170520.svn17868-lp150.9.6.1
      texlive-pdflatexpicscale-bin-2017.20170520.svn41779-lp150.9.6.1
      texlive-pdftex-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-pdftex-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-pdftools-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-pdftools-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-pdfxup-bin-2017.20170520.svn40690-lp150.9.6.1
      texlive-pedigree-perl-bin-2017.20170520.svn25962-lp150.9.6.1
      texlive-perltex-bin-2017.20170520.svn16181-lp150.9.6.1
      texlive-petri-nets-bin-2017.20170520.svn39165-lp150.9.6.1
      texlive-pfarrei-bin-2017.20170520.svn29348-lp150.9.6.1
      texlive-pkfix-bin-2017.20170520.svn13364-lp150.9.6.1
      texlive-pkfix-helper-bin-2017.20170520.svn13663-lp150.9.6.1
      texlive-platex-bin-2017.20170520.svn22859-lp150.9.6.1
      texlive-pmx-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-pmx-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-pmxchords-bin-2017.20170520.svn32405-lp150.9.6.1
      texlive-ps2pk-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-ps2pk-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-pst-pdf-bin-2017.20170520.svn7838-lp150.9.6.1
      texlive-pst2pdf-bin-2017.20170520.svn29333-lp150.9.6.1
      texlive-pstools-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-pstools-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-ptex-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-ptex-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-ptex-fontmaps-bin-2017.20170520.svn44206-lp150.9.6.1
      texlive-ptex2pdf-bin-2017.20170520.svn29335-lp150.9.6.1
      texlive-ptexenc-devel-1.3.5-lp150.9.6.1
      texlive-purifyeps-bin-2017.20170520.svn13663-lp150.9.6.1
      texlive-pygmentex-bin-2017.20170520.svn34996-lp150.9.6.1
      texlive-pythontex-bin-2017.20170520.svn31638-lp150.9.6.1
      texlive-rubik-bin-2017.20170520.svn32919-lp150.9.6.1
      texlive-seetexk-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-seetexk-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-splitindex-bin-2017.20170520.svn29688-lp150.9.6.1
      texlive-srcredact-bin-2017.20170520.svn38710-lp150.9.6.1
      texlive-sty2dtx-bin-2017.20170520.svn21215-lp150.9.6.1
      texlive-svn-multi-bin-2017.20170520.svn13663-lp150.9.6.1
      texlive-synctex-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-synctex-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-synctex-devel-1.18-lp150.9.6.1
      texlive-tetex-bin-2017.20170520.svn43957-lp150.9.6.1
      texlive-tex-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-tex-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-tex4ebook-bin-2017.20170520.svn37771-lp150.9.6.1
      texlive-tex4ht-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-tex4ht-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-texconfig-bin-2017.20170520.svn29741-lp150.9.6.1
      texlive-texcount-bin-2017.20170520.svn13013-lp150.9.6.1
      texlive-texdef-bin-2017.20170520.svn21802-lp150.9.6.1
      texlive-texdiff-bin-2017.20170520.svn15506-lp150.9.6.1
      texlive-texdirflatten-bin-2017.20170520.svn12782-lp150.9.6.1
      texlive-texdoc-bin-2017.20170520.svn29741-lp150.9.6.1
      texlive-texfot-bin-2017.20170520.svn33155-lp150.9.6.1
      texlive-texliveonfly-bin-2017.20170520.svn24062-lp150.9.6.1
      texlive-texloganalyser-bin-2017.20170520.svn13663-lp150.9.6.1
      texlive-texlua-devel-5.2.4-lp150.9.6.1
      texlive-texluajit-devel-2.1.0beta2-lp150.9.6.1
      texlive-texosquery-bin-2017.20170520.svn43596-lp150.9.6.1
      texlive-texsis-bin-2017.20170520.svn3006-lp150.9.6.1
      texlive-texware-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-texware-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-thumbpdf-bin-2017.20170520.svn6898-lp150.9.6.1
      texlive-tie-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-tie-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-tpic2pdftex-bin-2017.20170520.svn29741-lp150.9.6.1
      texlive-ttfutils-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-ttfutils-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-typeoutfileinfo-bin-2017.20170520.svn25648-lp150.9.6.1
      texlive-ulqda-bin-2017.20170520.svn13663-lp150.9.6.1
      texlive-uplatex-bin-2017.20170520.svn26326-lp150.9.6.1
      texlive-uptex-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-uptex-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-urlbst-bin-2017.20170520.svn23262-lp150.9.6.1
      texlive-velthuis-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-velthuis-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-vlna-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-vlna-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-vpe-bin-2017.20170520.svn6897-lp150.9.6.1
      texlive-web-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-web-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-xdvi-bin-2017.20170520.svn44143-lp150.9.6.1
      texlive-xdvi-bin-debuginfo-2017.20170520.svn44143-lp150.9.6.1
      texlive-xetex-bin-2017.20170520.svn44361-lp150.9.6.1
      texlive-xetex-bin-debuginfo-2017.20170520.svn44361-lp150.9.6.1
      texlive-xmltex-bin-2017.20170520.svn3006-lp150.9.6.1
      texlive-yplan-bin-2017.20170520.svn34398-lp150.9.6.1

   - openSUSE Leap 15.0 (noarch):

      perl-biber-2017.20170520.svn30357-lp150.9.6.1
      texlive-biber-bin-2017.20170520.svn42679-lp150.9.6.1
      texlive-diadia-bin-2017.20170520.svn37645-lp150.9.6.1


References:

   https://www.suse.com/security/cve/CVE-2018-17407.html
   https://bugzilla.suse.com/1109673

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung