Oval Definition:oval:com.redhat.rhsa:def:20121201
Revision Date:2012-08-23Version:635
Title:RHSA-2012:1201: tetex security update (Moderate)
Description:teTeX is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent (DVI) file as output.

teTeX embeds a copy of t1lib to rasterize bitmaps from PostScript Type 1 fonts. The following issues affect t1lib code:

  • Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics (AFM) files. If a specially-crafted font file was opened by teTeX, it could cause teTeX to crash or, potentially, execute arbitrary code with the privileges of the user running teTeX. (CVE-2010-2642, CVE-2011-0433)

  • An invalid pointer dereference flaw was found in t1lib. A specially-crafted font file could, when opened, cause teTeX to crash or, potentially, execute arbitrary code with the privileges of the user running teTeX. (CVE-2011-0764)

  • A use-after-free flaw was found in t1lib. A specially-crafted font file could, when opened, cause teTeX to crash or, potentially, execute arbitrary code with the privileges of the user running teTeX. (CVE-2011-1553)

  • An off-by-one flaw was found in t1lib. A specially-crafted font file could, when opened, cause teTeX to crash or, potentially, execute arbitrary code with the privileges of the user running teTeX. (CVE-2011-1554)

  • An out-of-bounds memory read flaw was found in t1lib. A specially-crafted font file could, when opened, cause teTeX to crash. (CVE-2011-1552)

    teTeX embeds a copy of Xpdf, an open source Portable Document Format (PDF) file viewer, to allow adding images in PDF format to the generated PDF documents. The following issues affect Xpdf code:

  • An uninitialized pointer use flaw was discovered in Xpdf. If pdflatex was used to process a TeX document referencing a specially-crafted PDF file, it could cause pdflatex to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2010-3702)

  • An array index error was found in the way Xpdf parsed PostScript Type 1 fonts embedded in PDF documents. If pdflatex was used to process a TeX document referencing a specially-crafted PDF file, it could cause pdflatex to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2010-3704)

    Red Hat would like to thank the Evince development team for reporting CVE-2010-2642. Upstream acknowledges Jon Larimer of IBM X-Force as the original reporter of CVE-2010-2642.

    All users of tetex are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2010-2642
    CVE-2010-3702
    CVE-2010-3704
    CVE-2011-0433
    CVE-2011-0764
    CVE-2011-1552
    CVE-2011-1553
    CVE-2011-1554
    RHSA-2012:1201
    RHSA-2012:1201-00
    RHSA-2012:1201-01
    RHSA-2012:1201-01
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • tetex is earlier than 0:3.0-33.15.el5_8.1
  • AND tetex is signed with Red Hat redhatrelease2 key
  • tetex-afm is earlier than 0:3.0-33.15.el5_8.1
  • AND tetex-afm is signed with Red Hat redhatrelease2 key
  • tetex-doc is earlier than 0:3.0-33.15.el5_8.1
  • AND tetex-doc is signed with Red Hat redhatrelease2 key
  • tetex-dvips is earlier than 0:3.0-33.15.el5_8.1
  • AND tetex-dvips is signed with Red Hat redhatrelease2 key
  • tetex-fonts is earlier than 0:3.0-33.15.el5_8.1
  • AND tetex-fonts is signed with Red Hat redhatrelease2 key
  • tetex-latex is earlier than 0:3.0-33.15.el5_8.1
  • AND tetex-latex is signed with Red Hat redhatrelease2 key
  • tetex-xdvi is earlier than 0:3.0-33.15.el5_8.1
  • AND tetex-xdvi is signed with Red Hat redhatrelease2 key
    • BACK