Publishing details
Changelog
texlive-bin (2021.20210626.59705-1ubuntu0.2) jammy-security; urgency=medium
* SECURITY UPDATE: arbitrary network requests via socket library
- debian/patches/CVE-2023-32668.patch: disable socket library by
default in texk/web2c/luatexdir/lua/loslibext.c,
texk/web2c/luatexdir/lua/luainit.c,
texk/web2c/luatexdir/lua/luastuff.c,
texk/web2c/luatexdir/lua/luatex-api.h,
texk/web2c/luatexdir/luasocket/src/lua_preload.c.
- CVE-2023-32668
* SECURITY UPDATE: heap overflow in ttfdump (LP: #2047912)
- debian/patches/CVE-2024-25262.diff: add overflow check to
texk/ttfdump/libttf/hdmx.c.
- CVE-2024-25262
-- Marc Deslauriers <email address hidden> Wed, 13 Mar 2024 10:11:46 -0400
Builds
Built packages
-
libkpathsea-dev
TeX Live: path search library for TeX (development part)
-
libkpathsea6
TeX Live: path search library for TeX (runtime part)
-
libkpathsea6-dbgsym
debug symbols for libkpathsea6
-
libptexenc-dev
TeX Live: ptex encoding library (development part)
-
libptexenc1
TeX Live: pTeX encoding library
-
libptexenc1-dbgsym
debug symbols for libptexenc1
-
libsynctex-dev
TeX Live: SyncTeX parser library (development part)
-
libsynctex2
TeX Live: SyncTeX parser library
-
libsynctex2-dbgsym
debug symbols for libsynctex2
-
libtexlua53
TeX Live: Lua 5.3, modified for use with LuaTeX
-
libtexlua53-dbgsym
debug symbols for libtexlua53
-
libtexlua53-dev
TeX Live: Lua 5.3, modified for use with LuaTeX (development part)
-
libtexluajit-dev
TeX Live: LuaJIT, modified for use with LuaJITTeX (development part)
-
libtexluajit2
TeX Live: LuaJIT, modified for use with LuaJITTeX
-
libtexluajit2-dbgsym
debug symbols for libtexluajit2
-
texlive-binaries
Binaries for TeX Live
-
texlive-binaries-dbgsym
debug symbols for texlive-binaries
Package files