Thu May 6 14:04:39 BST 2010

texlive-bin (2007.dfsg.2-4ubuntu2.1) jaunty-security; urgency=low

  * SECURITY UPDATE: denial of service via buffer overflow
    - debian/patches/security-CVE-2009-1284.patch: check for pool overflow
      in build/source/texk/web2c/bibtex.ch.
    - CVE-2009-1284
  * SECURITY UPDATE: arbitrary code execution via memory corruption
    (LP: #537103)
    - debian/patches/security-CVE-2010-0827.patch: make sure name isn't
      too long in build/source/texk/dvipsk/virtualfont.c.
    - CVE-2010-0827
  * SECURITY UPDATE: arbitrary code execution via integer overflow
    - debian/patches/security-CVE-2010-0739,1440.patch: make sure numbytes
      doesn't overflow in build/source/texk/dvipsk/dospecial.c.
    - CVE-2010-0739
    - CVE-2010-1440

Date: Mon, 03 May 2010 09:15:24 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/texlive-bin/2007.dfsg.2-4ubuntu2.1
-------------- next part --------------
Format: 1.8
Date: Mon, 03 May 2010 09:15:24 -0400
Source: texlive-bin
Binary: texlive-base-bin texlive-extra-utils texlive-font-utils texlive-metapost texlive-omega texlive-xetex texlive-music texlive-lang-indic libkpathsea4 libkpathsea-dev texlive-metapost-doc texlive-base-bin-doc
Architecture: source
Version: 2007.dfsg.2-4ubuntu2.1
Distribution: jaunty-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 libkpathsea-dev - TeX Live: path search library for TeX (development part)
 libkpathsea4 - TeX Live: path search library for TeX (runtime part)
 texlive-base-bin - TeX Live: Essential binaries
 texlive-base-bin-doc - TeX Live: Documentation files for texlive-base-bin
 texlive-extra-utils - TeX Live: TeX auxiliary programs
 texlive-font-utils - TeX Live: TeX font-related programs
 texlive-lang-indic - TeX Live: Indic
 texlive-metapost - TeX Live: MetaPost (and Metafont) drawing packages
 texlive-metapost-doc - TeX Live: Documentation files for texlive-metapost
 texlive-music - TeX Live: Music typesetting
 texlive-omega - TeX Live: Omega
 texlive-xetex - TeX Live: XeTeX macros
Launchpad-Bugs-Fixed: 537103
Changes: 
 texlive-bin (2007.dfsg.2-4ubuntu2.1) jaunty-security; urgency=low
 .
   * SECURITY UPDATE: denial of service via buffer overflow
     - debian/patches/security-CVE-2009-1284.patch: check for pool overflow
       in build/source/texk/web2c/bibtex.ch.
     - CVE-2009-1284
   * SECURITY UPDATE: arbitrary code execution via memory corruption
     (LP: #537103)
     - debian/patches/security-CVE-2010-0827.patch: make sure name isn't
       too long in build/source/texk/dvipsk/virtualfont.c.
     - CVE-2010-0827
   * SECURITY UPDATE: arbitrary code execution via integer overflow
     - debian/patches/security-CVE-2010-0739,1440.patch: make sure numbytes
       doesn't overflow in build/source/texk/dvipsk/dospecial.c.
     - CVE-2010-0739
     - CVE-2010-1440
Checksums-Sha1: 
 92bbd84da4efbc23eee590922c0e135db91cffc2 1815 texlive-bin_2007.dfsg.2-4ubuntu2.1.dsc
 8685d78abf1e5ba0c2f0b5404e97efe9e61b6068 359647 texlive-bin_2007.dfsg.2-4ubuntu2.1.diff.gz
Checksums-Sha256: 
 98ebadcb3522750ea23b0e53eed5d43dec30e6d9b76782ab9b8c38abcc1213e1 1815 texlive-bin_2007.dfsg.2-4ubuntu2.1.dsc
 dc92c13d3c2046aac6d48a94086ef6d6b651cbbc34a2f518eb83402f78ae3b90 359647 texlive-bin_2007.dfsg.2-4ubuntu2.1.diff.gz
Files: 
 3e997ed5b8f14b354bf9846219f0d0a2 1815 tex optional texlive-bin_2007.dfsg.2-4ubuntu2.1.dsc
 ce7d11c058bd0b30d450f4281623f580 359647 tex optional texlive-bin_2007.dfsg.2-4ubuntu2.1.diff.gz
Original-Maintainer: Debian TeX Maintainers <debian-tex-maint at lists.debian.org>