USN-3788-1

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/notices/USN-3788-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3788-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/USN-3788-1
Related
Published
2018-10-11T17:28:32.310774Z
Modified
2018-10-11T17:28:32.310774Z
Summary
texlive-bin vulnerabilities
Details

Jakub Wilk discovered that Tex Live incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2015-5700)

It was discovered that Tex Live incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2018-17407)

References

Affected packages

Ubuntu:14.04:LTS / texlive-bin

Package

Name
texlive-bin
Purl
pkg:deb/ubuntu/texlive-bin?arch=src?distro=trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2013.20130729.30972-2ubuntu0.1

Affected versions

2013.*

2013.20130529.30792-1build2
2013.20130729.30972-2
2013.20130729.30972-2build1
2013.20130729.30972-2build2
2013.20130729.30972-2build3

Ecosystem specific 

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "2013.20130729.30972-2ubuntu0.1",
            "binary_name": "libkpathsea-dev"
        },
        {
            "binary_version": "2013.20130729.30972-2ubuntu0.1",
            "binary_name": "libkpathsea6"
        },
        {
            "binary_version": "2013.20130729.30972-2ubuntu0.1",
            "binary_name": "libkpathsea6-dbgsym"
        },
        {
            "binary_version": "2013.20130729.30972-2ubuntu0.1",
            "binary_name": "libptexenc-dev"
        },
        {
            "binary_version": "2013.20130729.30972-2ubuntu0.1",
            "binary_name": "libptexenc1"
        },
        {
            "binary_version": "2013.20130729.30972-2ubuntu0.1",
            "binary_name": "libptexenc1-dbgsym"
        },
        {
            "binary_version": "2013.20130729.30972-2ubuntu0.1",
            "binary_name": "texlive-binaries"
        },
        {
            "binary_version": "2013.20130729.30972-2ubuntu0.1",
            "binary_name": "texlive-binaries-dbgsym"
        }
    ]
}

Ubuntu:16.04:LTS / texlive-bin

Package

Name
texlive-bin
Purl
pkg:deb/ubuntu/texlive-bin?arch=src?distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2015.20160222.37495-1ubuntu0.1

Affected versions

2015.*

2015.20150524.37493-5build1
2015.20150524.37493-7
2015.20150524.37493-7build1
2015.20150524.37493-7build4
2015.20160222.37495-1

Ecosystem specific 

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "libkpathsea-dev"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "libkpathsea6"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "libkpathsea6-dbgsym"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "libptexenc-dev"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "libptexenc1"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "libptexenc1-dbgsym"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "libsynctex-dev"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "libsynctex1"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "libsynctex1-dbgsym"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "libtexlua52"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "libtexlua52-dbgsym"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "libtexlua52-dev"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "libtexluajit-dev"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "libtexluajit2"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "libtexluajit2-dbgsym"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "texlive-binaries"
        },
        {
            "binary_version": "2015.20160222.37495-1ubuntu0.1",
            "binary_name": "texlive-binaries-dbgsym"
        }
    ]
}

Ubuntu:18.04:LTS / texlive-bin

Package

Name
texlive-bin
Purl
pkg:deb/ubuntu/texlive-bin?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2017.20170613.44572-8ubuntu0.1

Affected versions

2017.*

2017.20170613.44572-5build1
2017.20170613.44572-5build2
2017.20170613.44572-6
2017.20170613.44572-6build1
2017.20170613.44572-6ubuntu1
2017.20170613.44572-8build1

Ecosystem specific 

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "libkpathsea-dev"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "libkpathsea6"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "libkpathsea6-dbgsym"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "libptexenc-dev"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "libptexenc1"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "libptexenc1-dbgsym"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "libsynctex-dev"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "libsynctex1"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "libsynctex1-dbgsym"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "libtexlua52"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "libtexlua52-dbgsym"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "libtexlua52-dev"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "libtexluajit-dev"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "libtexluajit2"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "libtexluajit2-dbgsym"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "texlive-binaries"
        },
        {
            "binary_version": "2017.20170613.44572-8ubuntu0.1",
            "binary_name": "texlive-binaries-dbgsym"
        }
    ]
}