First published: Thu Aug 23 2012
teTeX is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent (DVI) file as output.

teTeX embeds a copy of t1lib to rasterize bitmaps from PostScript Type 1 fonts. The following issues affect t1lib code:

Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics (AFM) files. If a specially-crafted font file was opened by teTeX, it could cause teTeX to crash or, potentially, execute arbitrary code with the privileges of the user running teTeX. (CVE-2010-2642, CVE-2011-0433)

An invalid pointer dereference flaw was found in t1lib. A specially-crafted font file could, when opened, cause teTeX to crash or, potentially, execute arbitrary code with the privileges of the user running teTeX. (CVE-2011-0764)

A use-after-free flaw was found in t1lib. A specially-crafted font file could, when opened, cause teTeX to crash or, potentially, execute arbitrary code with the privileges of the user running teTeX. (CVE-2011-1553)

An off-by-one flaw was found in t1lib. A specially-crafted font file could, when opened, cause teTeX to crash or, potentially, execute arbitrary code with the privileges of the user running teTeX. (CVE-2011-1554)

An out-of-bounds memory read flaw was found in t1lib. A specially-crafted font file could, when opened, cause teTeX to crash. (CVE-2011-1552)

teTeX embeds a copy of Xpdf, an open source Portable Document Format (PDF) file viewer, to allow adding images in PDF format to the generated PDF documents. The following issues affect Xpdf code:

An uninitialized pointer use flaw was discovered in Xpdf. If pdflatex was used to process a TeX document referencing a specially-crafted PDF file, it could cause pdflatex to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2010-3702)

An array index error was found in the way Xpdf parsed PostScript Type 1 fonts embedded in PDF documents. If pdflatex was used to process a TeX document referencing a specially-crafted PDF file, it could cause pdflatex to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2010-3704)

Red Hat would like to thank the Evince development team for reporting CVE-2010-2642. Upstream acknowledges Jon Larimer of IBM X-Force as the original reporter of CVE-2010-2642.

All users of tetex are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

Affected Software | Affected Version | How to fix |
---|---|---|
redhat/tetex | <3.0-33.15.el5_8.1 | 3.0-33.15.el5_8.1 |
redhat/tetex-afm | <3.0-33.15.el5_8.1 | 3.0-33.15.el5_8.1 |
redhat/tetex-debuginfo | <3.0-33.15.el5_8.1 | 3.0-33.15.el5_8.1 |
redhat/tetex-doc | <3.0-33.15.el5_8.1 | 3.0-33.15.el5_8.1 |
redhat/tetex-dvips | <3.0-33.15.el5_8.1 | 3.0-33.15.el5_8.1 |
redhat/tetex-fonts | <3.0-33.15.el5_8.1 | 3.0-33.15.el5_8.1 |
redhat/tetex-latex | <3.0-33.15.el5_8.1 | 3.0-33.15.el5_8.1 |
redhat/tetex-xdvi | <3.0-33.15.el5_8.1 | 3.0-33.15.el5_8.1 |