SUSE-SU-2024:1203-1

Опубликовано: 11 апр. 2024

Источник: suse-cvrf

Описание

Security update for texlive-specs-k

This update for texlive-specs-k fixes the following issues:

CVE-2016-10243: Fixed arbitrary code execution via mpost during TeX document compilation (bsc#1028271)

Список пакетов

SUSE Linux Enterprise Software Development Kit 12 SP5

texlive-kastrup-2013.84.svn15878-21.3.1

texlive-koma-script-2013.84.3.11bsvn29774-21.3.1

texlive-kpathsea-2013.84.svn30218-21.3.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20241203-1/
Link for SUSE-SU-2024:1203-1
https://lists.suse.com/pipermail/sle-updates/2024-April/034932.html
E-Mail link for SUSE-SU-2024:1203-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1028271
SUSE Bug 1028271
https://www.suse.com/security/cve/CVE-2016-10243/
SUSE CVE CVE-2016-10243 page

Описание

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file.

Затронутые продукты

SUSE Linux Enterprise Software Development Kit 12 SP5:texlive-kastrup-2013.84.svn15878-21.3.1

SUSE Linux Enterprise Software Development Kit 12 SP5:texlive-koma-script-2013.84.3.11bsvn29774-21.3.1

SUSE Linux Enterprise Software Development Kit 12 SP5:texlive-kpathsea-2013.84.svn30218-21.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2016-10243.html
CVE-2016-10243
https://bugzilla.suse.com/1028271
SUSE Bug 1028271

SUSE-SU-2024:1203-1

Описание

Список пакетов

SUSE Linux Enterprise Software Development Kit 12 SP5

Ссылки

Уязвимость: CVE-2016-10243

Описание

Затронутые продукты

Ссылки