Oval Definition:oval:com.redhat.rhsa:def:20071027
Revision Date:2007-11-08Version:639
Title:RHSA-2007:1027: tetex security update (Important)
Description:TeTeX is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent (dvi) file as output.

  • Alin Rad Pop discovered several flaws in the handling of PDF files. An attacker could create a malicious PDF file that would cause TeTeX to crash or potentially execute arbitrary code when opened. (CVE-2007-4352, CVE-2007-5392, CVE-2007-5393)

  • A flaw was found in the t1lib library, used in the handling of Type 1 fonts. An attacker could create a malicious file that would cause TeTeX to crash, or potentially execute arbitrary code when opened. (CVE-2007-4033)

    Users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2007-4033
    CVE-2007-4352
    CVE-2007-5392
    CVE-2007-5393
    RHSA-2007:1027
    RHSA-2007:1027-02
    RHSA-2007:1027-02
    Platform(s):Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • tetex is earlier than 0:2.0.2-22.0.1.EL4.10
  • AND tetex is signed with Red Hat redhatrelease2 key
  • tetex-afm is earlier than 0:2.0.2-22.0.1.EL4.10
  • AND tetex-afm is signed with Red Hat redhatrelease2 key
  • tetex-doc is earlier than 0:2.0.2-22.0.1.EL4.10
  • AND tetex-doc is signed with Red Hat redhatrelease2 key
  • tetex-dvips is earlier than 0:2.0.2-22.0.1.EL4.10
  • AND tetex-dvips is signed with Red Hat redhatrelease2 key
  • tetex-fonts is earlier than 0:2.0.2-22.0.1.EL4.10
  • AND tetex-fonts is signed with Red Hat redhatrelease2 key
  • tetex-latex is earlier than 0:2.0.2-22.0.1.EL4.10
  • AND tetex-latex is signed with Red Hat redhatrelease2 key
  • tetex-xdvi is earlier than 0:2.0.2-22.0.1.EL4.10
  • AND tetex-xdvi is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • tetex is earlier than 0:3.0-33.2.el5_1.2
  • AND tetex is signed with Red Hat redhatrelease2 key
  • tetex-afm is earlier than 0:3.0-33.2.el5_1.2
  • AND tetex-afm is signed with Red Hat redhatrelease2 key
  • tetex-doc is earlier than 0:3.0-33.2.el5_1.2
  • AND tetex-doc is signed with Red Hat redhatrelease2 key
  • tetex-dvips is earlier than 0:3.0-33.2.el5_1.2
  • AND tetex-dvips is signed with Red Hat redhatrelease2 key
  • tetex-fonts is earlier than 0:3.0-33.2.el5_1.2
  • AND tetex-fonts is signed with Red Hat redhatrelease2 key
  • tetex-latex is earlier than 0:3.0-33.2.el5_1.2
  • AND tetex-latex is signed with Red Hat redhatrelease2 key
  • tetex-xdvi is earlier than 0:3.0-33.2.el5_1.2
  • AND tetex-xdvi is signed with Red Hat redhatrelease2 key
    • BACK