Advisories ยป MGASA-2018-0397

Updated texlive packages fix security vulnerability

Publication date: 14 Oct 2018
Modification date: 14 Oct 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-17407

Description

Updated texlive packages fix security vulnerability:

A buffer overflow in the handling of Type 1 fonts allowed arbitrary code
execution when a malicious font is loaded by one of the vulnerable tools:
pdflatex, pdftex, dvips, or luatex (CVE-2018-17407).
                

References

SRPMS

6/core