Ubuntu Security Notice 3788-1 - Jakub Wilk discovered that Tex Live incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. It was discovered that Tex Live incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.
cb209c1a50a7e5f25734ea9e5ac9a9313efb258486747903b4044d1baaa6c58e
==========================================================================
Ubuntu Security Notice USN-3788-1
October 11, 2018
texlive-bin vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in Tex Live.
Software Description:
- texlive-bin: TeX Live: path search library for TeX (development part)
Details:
Jakub Wilk discovered that Tex Live incorrectly handled certain files.
An attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 14.04 LTS. (CVE-2015-5700)
It was discovered that Tex Live incorrectly handled certain files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2018-17407)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
texlive-binaries 2017.20170613.44572-8ubuntu0.1
Ubuntu 16.04 LTS:
texlive-binaries 2015.20160222.37495-1ubuntu0.1
Ubuntu 14.04 LTS:
texlive-binaries 2013.20130729.30972-2ubuntu0.1
In general, a standard system update will make all the necessary
changes.
References:
https://usn.ubuntu.com/usn/usn-3788-1
CVE-2015-5700, CVE-2018-17407
Package Information:
https://launchpad.net/ubuntu/+source/texlive-bin/2017.20170613.44572-8ubuntu0.1
https://launchpad.net/ubuntu/+source/texlive-bin/2015.20160222.37495-1ubuntu0.1
https://launchpad.net/ubuntu/+source/texlive-bin/2013.20130729.30972-2ubuntu0.1