[MacPorts] #29631: t1lib needs patch for afm parser; has other unpatched issues

MacPorts noreply at macports.org
Sun May 29 05:18:19 PDT 2011


#29631: t1lib needs patch for afm parser; has other unpatched issues
------------------------------+---------------------------------------------
 Reporter:  gnwiii@…          |       Owner:  macports-tickets@…                   
     Type:  defect            |      Status:  new                                  
 Priority:  Normal            |   Milestone:                                       
Component:  ports             |     Version:  1.9.2                                
 Keywords:  graphics          |        Port:  t1lib                                
------------------------------+---------------------------------------------
 t1lib is the subject of 4 Security Vulnerabilities Published In 2011
 http://www.cvedetails.com/cve/CVE-2011-1554/
 http://www.cvedetails.com/cve/CVE-2011-1553/
 http://www.cvedetails.com/cve/CVE-2011-1552/
 http://www.cvedetails.com/cve/CVE-2011-0764/

 and in 2010: http://www.cvedetails.com/cve/CVE-2010-2642/,
 http://secunia.com/advisories/cve_reference/CVE-2010-2642/

 texlive 2011-pretest provides a patch for some issues in the AFM parser:

 patch-01-buffer-limit (new): Avoid buffer overflow in
         lib/t1lib/parseAFM.c token() and linetoken().
         http://secunia.com/advisories/43491/

-- 
Ticket URL: <https://trac.macports.org/ticket/29631>
MacPorts <http://www.macports.org/>
Ports system for Mac OS


More information about the macports-tickets mailing list