SUSE-SU-2018:3122-1: important: Security update for texlive

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Fri Oct 12 07:14:56 MDT 2018


   SUSE Security Update: Security update for texlive
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:3122-1
Rating:             important
References:         #1109673 
Cross-References:   CVE-2018-17407
Affected Products:
                    SUSE Linux Enterprise Module for Desktop Applications 15
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for texlive fixes the following issue:

   - CVE-2018-17407: Prevent buffer overflow when handling of Type 1 fonts
     allowed arbitrary code execution when a malicious font was loaded by one
     of the vulnerable tools: pdflatex, pdftex, dvips, or luatex
     (bsc#1109673).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Desktop Applications 15:

      zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2018-2204=1



Package List:

   - SUSE Linux Enterprise Module for Desktop Applications 15 (aarch64 ppc64le s390x x86_64):

      libkpathsea6-6.2.3-11.8.4
      libkpathsea6-debuginfo-6.2.3-11.8.4
      libptexenc1-1.3.5-11.8.4
      libptexenc1-debuginfo-1.3.5-11.8.4
      libsynctex1-1.18-11.8.4
      libsynctex1-debuginfo-1.18-11.8.4
      libtexlua52-5-5.2.4-11.8.4
      libtexlua52-5-debuginfo-5.2.4-11.8.4
      texlive-2017.20170520-11.8.4
      texlive-a2ping-bin-2017.20170520.svn27321-11.8.4
      texlive-accfonts-bin-2017.20170520.svn12688-11.8.4
      texlive-adhocfilelist-bin-2017.20170520.svn28038-11.8.4
      texlive-afm2pl-bin-2017.20170520.svn44143-11.8.4
      texlive-afm2pl-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-aleph-bin-2017.20170520.svn44143-11.8.4
      texlive-aleph-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-amstex-bin-2017.20170520.svn3006-11.8.4
      texlive-arara-bin-2017.20170520.svn29036-11.8.4
      texlive-asymptote-bin-2017.20170520.svn43843-11.8.4
      texlive-asymptote-bin-debuginfo-2017.20170520.svn43843-11.8.4
      texlive-authorindex-bin-2017.20170520.svn18790-11.8.4
      texlive-autosp-bin-2017.20170520.svn44143-11.8.4
      texlive-autosp-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-bibexport-bin-2017.20170520.svn16219-11.8.4
      texlive-bibtex-bin-2017.20170520.svn44143-11.8.4
      texlive-bibtex-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-bibtex8-bin-2017.20170520.svn44143-11.8.4
      texlive-bibtex8-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-bibtexu-bin-2017.20170520.svn44143-11.8.4
      texlive-bibtexu-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-bin-devel-2017.20170520-11.8.4
      texlive-bundledoc-bin-2017.20170520.svn17794-11.8.4
      texlive-cachepic-bin-2017.20170520.svn15543-11.8.4
      texlive-checkcites-bin-2017.20170520.svn25623-11.8.4
      texlive-checklistings-bin-2017.20170520.svn38300-11.8.4
      texlive-chktex-bin-2017.20170520.svn44143-11.8.4
      texlive-chktex-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-cjk-gs-integrate-bin-2017.20170520.svn37223-11.8.4
      texlive-cjkutils-bin-2017.20170520.svn44143-11.8.4
      texlive-cjkutils-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-context-bin-2017.20170520.svn34112-11.8.4
      texlive-convbkmk-bin-2017.20170520.svn30408-11.8.4
      texlive-crossrefware-bin-2017.20170520.svn43866-11.8.4
      texlive-cslatex-bin-2017.20170520.svn3006-11.8.4
      texlive-csplain-bin-2017.20170520.svn33902-11.8.4
      texlive-ctanify-bin-2017.20170520.svn24061-11.8.4
      texlive-ctanupload-bin-2017.20170520.svn23866-11.8.4
      texlive-ctie-bin-2017.20170520.svn44143-11.8.4
      texlive-ctie-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-cweb-bin-2017.20170520.svn44143-11.8.4
      texlive-cweb-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-cyrillic-bin-bin-2017.20170520.svn29741-11.8.4
      texlive-de-macro-bin-2017.20170520.svn17399-11.8.4
      texlive-debuginfo-2017.20170520-11.8.4
      texlive-debugsource-2017.20170520-11.8.4
      texlive-detex-bin-2017.20170520.svn44143-11.8.4
      texlive-detex-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-dosepsbin-bin-2017.20170520.svn24759-11.8.4
      texlive-dtl-bin-2017.20170520.svn44143-11.8.4
      texlive-dtl-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-dtxgen-bin-2017.20170520.svn29031-11.8.4
      texlive-dviasm-bin-2017.20170520.svn8329-11.8.4
      texlive-dvicopy-bin-2017.20170520.svn44143-11.8.4
      texlive-dvicopy-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-dvidvi-bin-2017.20170520.svn44143-11.8.4
      texlive-dvidvi-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-dviinfox-bin-2017.20170520.svn44515-11.8.4
      texlive-dviljk-bin-2017.20170520.svn44143-11.8.4
      texlive-dviljk-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-dvipdfmx-bin-2017.20170520.svn40273-11.8.4
      texlive-dvipng-bin-2017.20170520.svn44143-11.8.4
      texlive-dvipng-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-dvipos-bin-2017.20170520.svn44143-11.8.4
      texlive-dvipos-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-dvips-bin-2017.20170520.svn44143-11.8.4
      texlive-dvips-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-dvisvgm-bin-2017.20170520.svn40987-11.8.4
      texlive-dvisvgm-bin-debuginfo-2017.20170520.svn40987-11.8.4
      texlive-ebong-bin-2017.20170520.svn21000-11.8.4
      texlive-eplain-bin-2017.20170520.svn3006-11.8.4
      texlive-epspdf-bin-2017.20170520.svn29050-11.8.4
      texlive-epstopdf-bin-2017.20170520.svn18336-11.8.4
      texlive-exceltex-bin-2017.20170520.svn25860-11.8.4
      texlive-fig4latex-bin-2017.20170520.svn14752-11.8.4
      texlive-findhyph-bin-2017.20170520.svn14758-11.8.4
      texlive-fontinst-bin-2017.20170520.svn29741-11.8.4
      texlive-fontools-bin-2017.20170520.svn25997-11.8.4
      texlive-fontware-bin-2017.20170520.svn44143-11.8.4
      texlive-fontware-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-fragmaster-bin-2017.20170520.svn13663-11.8.4
      texlive-getmap-bin-2017.20170520.svn34971-11.8.4
      texlive-glossaries-bin-2017.20170520.svn37813-11.8.4
      texlive-gregoriotex-bin-2017.20170520.svn44143-11.8.4
      texlive-gregoriotex-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-gsftopk-bin-2017.20170520.svn44143-11.8.4
      texlive-gsftopk-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-jadetex-bin-2017.20170520.svn3006-11.8.4
      texlive-kotex-utils-bin-2017.20170520.svn32101-11.8.4
      texlive-kpathsea-bin-2017.20170520.svn44143-11.8.4
      texlive-kpathsea-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-kpathsea-devel-6.2.3-11.8.4
      texlive-lacheck-bin-2017.20170520.svn44143-11.8.4
      texlive-lacheck-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-latex-bin-bin-2017.20170520.svn14050-11.8.4
      texlive-latex-git-log-bin-2017.20170520.svn30983-11.8.4
      texlive-latex-papersize-bin-2017.20170520.svn42296-11.8.4
      texlive-latex2man-bin-2017.20170520.svn13663-11.8.4
      texlive-latex2nemeth-bin-2017.20170520.svn42300-11.8.4
      texlive-latexdiff-bin-2017.20170520.svn16420-11.8.4
      texlive-latexfileversion-bin-2017.20170520.svn25012-11.8.4
      texlive-latexindent-bin-2017.20170520.svn32150-11.8.4
      texlive-latexmk-bin-2017.20170520.svn10937-11.8.4
      texlive-latexpand-bin-2017.20170520.svn27025-11.8.4
      texlive-lcdftypetools-bin-2017.20170520.svn44143-11.8.4
      texlive-lcdftypetools-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-lilyglyphs-bin-2017.20170520.svn31696-11.8.4
      texlive-listbib-bin-2017.20170520.svn26126-11.8.4
      texlive-listings-ext-bin-2017.20170520.svn15093-11.8.4
      texlive-lollipop-bin-2017.20170520.svn41465-11.8.4
      texlive-ltxfileinfo-bin-2017.20170520.svn29005-11.8.4
      texlive-ltximg-bin-2017.20170520.svn32346-11.8.4
      texlive-lua2dox-bin-2017.20170520.svn29053-11.8.4
      texlive-luaotfload-bin-2017.20170520.svn34647-11.8.4
      texlive-luatex-bin-2017.20170520.svn44549-11.8.4
      texlive-luatex-bin-debuginfo-2017.20170520.svn44549-11.8.4
      texlive-lwarp-bin-2017.20170520.svn43292-11.8.4
      texlive-m-tx-bin-2017.20170520.svn44143-11.8.4
      texlive-m-tx-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-make4ht-bin-2017.20170520.svn37750-11.8.4
      texlive-makedtx-bin-2017.20170520.svn38769-11.8.4
      texlive-makeindex-bin-2017.20170520.svn44143-11.8.4
      texlive-makeindex-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-match_parens-bin-2017.20170520.svn23500-11.8.4
      texlive-mathspic-bin-2017.20170520.svn23661-11.8.4
      texlive-metafont-bin-2017.20170520.svn44143-11.8.4
      texlive-metafont-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-metapost-bin-2017.20170520.svn44143-11.8.4
      texlive-metapost-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-mex-bin-2017.20170520.svn3006-11.8.4
      texlive-mf2pt1-bin-2017.20170520.svn23406-11.8.4
      texlive-mflua-bin-2017.20170520.svn44143-11.8.4
      texlive-mflua-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-mfware-bin-2017.20170520.svn44143-11.8.4
      texlive-mfware-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-mkgrkindex-bin-2017.20170520.svn14428-11.8.4
      texlive-mkjobtexmf-bin-2017.20170520.svn8457-11.8.4
      texlive-mkpic-bin-2017.20170520.svn33688-11.8.4
      texlive-mltex-bin-2017.20170520.svn3006-11.8.4
      texlive-mptopdf-bin-2017.20170520.svn18674-11.8.4
      texlive-multibibliography-bin-2017.20170520.svn30534-11.8.4
      texlive-musixtex-bin-2017.20170520.svn37026-11.8.4
      texlive-musixtnt-bin-2017.20170520.svn44143-11.8.4
      texlive-musixtnt-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-omegaware-bin-2017.20170520.svn44143-11.8.4
      texlive-omegaware-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-patgen-bin-2017.20170520.svn44143-11.8.4
      texlive-patgen-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-pax-bin-2017.20170520.svn10843-11.8.4
      texlive-pdfbook2-bin-2017.20170520.svn37537-11.8.4
      texlive-pdfcrop-bin-2017.20170520.svn14387-11.8.4
      texlive-pdfjam-bin-2017.20170520.svn17868-11.8.4
      texlive-pdflatexpicscale-bin-2017.20170520.svn41779-11.8.4
      texlive-pdftex-bin-2017.20170520.svn44143-11.8.4
      texlive-pdftex-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-pdftools-bin-2017.20170520.svn44143-11.8.4
      texlive-pdftools-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-pdfxup-bin-2017.20170520.svn40690-11.8.4
      texlive-pedigree-perl-bin-2017.20170520.svn25962-11.8.4
      texlive-perltex-bin-2017.20170520.svn16181-11.8.4
      texlive-petri-nets-bin-2017.20170520.svn39165-11.8.4
      texlive-pfarrei-bin-2017.20170520.svn29348-11.8.4
      texlive-pkfix-bin-2017.20170520.svn13364-11.8.4
      texlive-pkfix-helper-bin-2017.20170520.svn13663-11.8.4
      texlive-platex-bin-2017.20170520.svn22859-11.8.4
      texlive-pmx-bin-2017.20170520.svn44143-11.8.4
      texlive-pmx-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-pmxchords-bin-2017.20170520.svn32405-11.8.4
      texlive-ps2pk-bin-2017.20170520.svn44143-11.8.4
      texlive-ps2pk-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-pst-pdf-bin-2017.20170520.svn7838-11.8.4
      texlive-pst2pdf-bin-2017.20170520.svn29333-11.8.4
      texlive-pstools-bin-2017.20170520.svn44143-11.8.4
      texlive-pstools-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-ptex-bin-2017.20170520.svn44143-11.8.4
      texlive-ptex-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-ptex-fontmaps-bin-2017.20170520.svn44206-11.8.4
      texlive-ptex2pdf-bin-2017.20170520.svn29335-11.8.4
      texlive-ptexenc-devel-1.3.5-11.8.4
      texlive-purifyeps-bin-2017.20170520.svn13663-11.8.4
      texlive-pygmentex-bin-2017.20170520.svn34996-11.8.4
      texlive-pythontex-bin-2017.20170520.svn31638-11.8.4
      texlive-rubik-bin-2017.20170520.svn32919-11.8.4
      texlive-seetexk-bin-2017.20170520.svn44143-11.8.4
      texlive-seetexk-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-splitindex-bin-2017.20170520.svn29688-11.8.4
      texlive-srcredact-bin-2017.20170520.svn38710-11.8.4
      texlive-sty2dtx-bin-2017.20170520.svn21215-11.8.4
      texlive-svn-multi-bin-2017.20170520.svn13663-11.8.4
      texlive-synctex-bin-2017.20170520.svn44143-11.8.4
      texlive-synctex-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-synctex-devel-1.18-11.8.4
      texlive-tetex-bin-2017.20170520.svn43957-11.8.4
      texlive-tex-bin-2017.20170520.svn44143-11.8.4
      texlive-tex-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-tex4ebook-bin-2017.20170520.svn37771-11.8.4
      texlive-tex4ht-bin-2017.20170520.svn44143-11.8.4
      texlive-tex4ht-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-texconfig-bin-2017.20170520.svn29741-11.8.4
      texlive-texcount-bin-2017.20170520.svn13013-11.8.4
      texlive-texdef-bin-2017.20170520.svn21802-11.8.4
      texlive-texdiff-bin-2017.20170520.svn15506-11.8.4
      texlive-texdirflatten-bin-2017.20170520.svn12782-11.8.4
      texlive-texdoc-bin-2017.20170520.svn29741-11.8.4
      texlive-texfot-bin-2017.20170520.svn33155-11.8.4
      texlive-texliveonfly-bin-2017.20170520.svn24062-11.8.4
      texlive-texloganalyser-bin-2017.20170520.svn13663-11.8.4
      texlive-texlua-devel-5.2.4-11.8.4
      texlive-texosquery-bin-2017.20170520.svn43596-11.8.4
      texlive-texsis-bin-2017.20170520.svn3006-11.8.4
      texlive-texware-bin-2017.20170520.svn44143-11.8.4
      texlive-texware-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-thumbpdf-bin-2017.20170520.svn6898-11.8.4
      texlive-tie-bin-2017.20170520.svn44143-11.8.4
      texlive-tie-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-tpic2pdftex-bin-2017.20170520.svn29741-11.8.4
      texlive-ttfutils-bin-2017.20170520.svn44143-11.8.4
      texlive-ttfutils-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-typeoutfileinfo-bin-2017.20170520.svn25648-11.8.4
      texlive-ulqda-bin-2017.20170520.svn13663-11.8.4
      texlive-uplatex-bin-2017.20170520.svn26326-11.8.4
      texlive-uptex-bin-2017.20170520.svn44143-11.8.4
      texlive-uptex-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-urlbst-bin-2017.20170520.svn23262-11.8.4
      texlive-velthuis-bin-2017.20170520.svn44143-11.8.4
      texlive-velthuis-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-vlna-bin-2017.20170520.svn44143-11.8.4
      texlive-vlna-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-vpe-bin-2017.20170520.svn6897-11.8.4
      texlive-web-bin-2017.20170520.svn44143-11.8.4
      texlive-web-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-xdvi-bin-2017.20170520.svn44143-11.8.4
      texlive-xdvi-bin-debuginfo-2017.20170520.svn44143-11.8.4
      texlive-xetex-bin-2017.20170520.svn44361-11.8.4
      texlive-xetex-bin-debuginfo-2017.20170520.svn44361-11.8.4
      texlive-xmltex-bin-2017.20170520.svn3006-11.8.4
      texlive-yplan-bin-2017.20170520.svn34398-11.8.4

   - SUSE Linux Enterprise Module for Desktop Applications 15 (aarch64 x86_64):

      libtexluajit2-2.1.0beta2-11.8.4
      libtexluajit2-debuginfo-2.1.0beta2-11.8.4
      texlive-texluajit-devel-2.1.0beta2-11.8.4

   - SUSE Linux Enterprise Module for Desktop Applications 15 (noarch):

      perl-biber-2017.20170520.svn30357-11.8.4
      texlive-biber-bin-2017.20170520.svn42679-11.8.4
      texlive-diadia-bin-2017.20170520.svn37645-11.8.4


References:

   https://www.suse.com/security/cve/CVE-2018-17407.html
   https://bugzilla.suse.com/1109673



More information about the sle-security-updates mailing list