[Git][security-tracker-team/security-tracker][master] Track source-wise fix for CVE-2016-10243

Mon Apr 13 20:35:07 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
95d1b2c8 by Salvatore Bonaccorso at 2020-04-13T21:34:48+02:00
Track source-wise fix for CVE-2016-10243

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -172532,7 +172532,7 @@ CVE-2016-10244 (The parse_charstrings function in type1/t1load.c in FreeType 2 b
 	NOTE: Fixed by: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a660e3de422731b94d4a134d27555430cbb6fb39 (VER-2-7)
 CVE-2016-10243 (TeX Live allows remote attackers to execute arbitrary commands by leve ...)
 	{DSA-3803-1 DLA-847-1}
-	- texlive-bin <unfixed> (unimportant)
+	- texlive-bin 2019.20190605.51237-2 (unimportant)
 	- texlive-base 2016.20161130-1
 	NOTE: https://scumjr.github.io/2016/11/28/pwning-coworkers-thanks-to-latex/
 	NOTE: http://www.tug.org/svn/texlive?view=revision&revision=42605



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95d1b2c8508d0981a06f6752a6c919615b9de476

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95d1b2c8508d0981a06f6752a6c919615b9de476
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200413/45e11adc/attachment.html>
