Information on source package texlive-bin

Available versions

ReleaseVersion
jessie2014.20140926.35254-6
jessie (security)2014.20140926.35254-6+deb8u1
stretch (security)2016.20160513.41080.dfsg-2+deb9u1
buster2018.20181218.49446-1
bullseye2019.20190605.51237-3
sid2019.20190605.51237-3

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-18604fixedfixedvulnerable (no DSA)vulnerablevulnerableIn axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distr ...

Open unimportant issues

BugjessiestretchbusterbullseyesidDescription
CVE-2017-17513vulnerablevulnerablevulnerablevulnerablevulnerableTeX Live through 20170524 does not validate strings before launching t ...
CVE-2016-10243vulnerablevulnerablevulnerablevulnerablevulnerableTeX Live allows remote attackers to execute arbitrary commands by leve ...

Resolved issues

BugDescription
CVE-2018-17407An issue was discovered in t1_check_unusual_charstring functions in wr ...
CVE-2015-5701mktexlsr revision 36855, and before revision 36626 as packaged in texl ...
CVE-2015-5700mktexlsr revision 22855 through revision 36625 as packaged in texlive ...
CVE-2015-0973Buffer overflow in the png_read_IDAT_data function in pngrutil.c in li ...
CVE-2014-9495Heap-based buffer overflow in the png_combine_row function in libpng b ...
CVE-2010-1440Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live ...
CVE-2010-0829Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTe ...
CVE-2010-0827Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, all ...
CVE-2010-0739Integer overflow in the predospecial function in dospecial.c in dvips ...
CVE-2009-3720The updatePosition function in lib/xmltok_impl.c in libexpat in Expat ...
CVE-2009-3560The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, a ...
CVE-2009-1284Buffer overflow in BibTeX 0.99 allows context-dependent attackers to c ...
CVE-2008-1693The CairoFont::create function in CairoFontEngine.cc in Poppler, possi ...
CVE-2007-5940feynmf.pl in feynmf 1.08, as used in TeXLive 2007, allows local users ...
CVE-2007-5937Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive 2 ...
CVE-2007-5936dvips in teTeX and TeXlive 2007 and earlier allows local users to obta ...
CVE-2007-5935Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 200 ...

Security announcements

DSA / DLADescription
DLA-1514-1texlive-bin - security update
DSA-4299-1texlive-bin - security update

Search for package or bug name: Reporting problems