Opened 3 years ago

Closed 3 years ago

#11223 closed enhancement (fixed)

texlive, fix for CVE-2018-17407

Reported by: ken@… Owned by: ken@…
Priority: high Milestone: 8.4
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex.

This applies to past years too.

Binary users should obviously update.

I found a patch at fedora (couldn't get anywhere in texlive svn). But (on 8.3) failed to build with -j8. Retrying with -j1.

Note that debian-unstable and testing seem to be using *current* svn, and I noticed they had issues with some libraries.

Change History (3)

comment:1 by ken@…, 3 years ago

Owner: changed from blfs-book to ken@…
Status: newassigned

comment:2 by ken@…, 3 years ago

On the second attempt, got it to compile (didn't try testing). But now I want to future-proof it for poppler-0.68.0 and 0.69.0.

comment:3 by ken@…, 3 years ago

Priority: normalhigh
Resolution: fixed
Status: assignedclosed

Fixed in r20608. Tested with system poppler-0.62,0.67,0.68. Did not compile with BLFS-8.1 system poppler-0.57, but did compile there with the shipped poppler.

Note: See TracTickets for help on using tickets.