Synopsis:
texlive-base security updateSummary:
An update for texlive-base is now available for openEuler-24.03-LTS-SP1Description:
The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font libraries.
Security Fix(es):
texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted TTF file.(CVE-2024-25262)Topic:
An update for texlive-base is now available for openEuler-24.03-LTS-SP1.
openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.Severity:
HighAffected Component:
texlive-base
13.oe2403sp113.oe2403sp113.oe2403sp113.oe2403sp113.oe2403sp113.oe2403sp113.oe2403sp113.oe2403sp113.oe2403sp113.oe2403sp1Exploitability
AV:NAC:LPR:NUI:RScope
S:UImpact
C:NI:HA:H8.1/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H