USN-3401-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-3401-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-3401-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-3401-1
Related
Published
2017-08-22T13:10:33.877329Z
Modified
2017-08-22T13:10:33.877329Z
Summary
texlive-base vulnerability
Details

It was discovered that TeX Live incorrectly handled certain system commands. If a user were tricked into processing a specially crafted TeX file, a remote attacker could execute arbitrary code.

References

Affected packages

Ubuntu:14.04:LTS / texlive-base

Package

Name
texlive-base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2013.20140215-1ubuntu0.1

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "texlive-pictures": "2013.20140215-1ubuntu0.1",
            "texlive-latex-base-doc": "2013.20140215-1ubuntu0.1",
            "texlive-full": "2013.20140215-1ubuntu0.1",
            "texlive-latex-base": "2013.20140215-1ubuntu0.1",
            "texlive-pictures-doc": "2013.20140215-1ubuntu0.1",
            "texlive-xetex": "2013.20140215-1ubuntu0.1",
            "texlive-omega": "2013.20140215-1ubuntu0.1",
            "texlive-generic-recommended": "2013.20140215-1ubuntu0.1",
            "texlive-fonts-recommended-doc": "2013.20140215-1ubuntu0.1",
            "texlive-metapost": "2013.20140215-1ubuntu0.1",
            "texlive-fonts-recommended": "2013.20140215-1ubuntu0.1",
            "texlive-base": "2013.20140215-1ubuntu0.1",
            "texlive-latex-recommended-doc": "2013.20140215-1ubuntu0.1",
            "texlive-metapost-doc": "2013.20140215-1ubuntu0.1",
            "texlive-luatex": "2013.20140215-1ubuntu0.1",
            "texlive-latex-recommended": "2013.20140215-1ubuntu0.1",
            "texlive": "2013.20140215-1ubuntu0.1"
        }
    ]
}

Ubuntu:16.04:LTS / texlive-base

Package

Name
texlive-base

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2015.20160320-1ubuntu0.1

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "texlive-pictures": "2015.20160320-1ubuntu0.1",
            "texlive-latex-base-doc": "2015.20160320-1ubuntu0.1",
            "luasseq": "2015.20160320-1ubuntu0.1",
            "texlive-full": "2015.20160320-1ubuntu0.1",
            "texlive-latex-base": "2015.20160320-1ubuntu0.1",
            "texlive-pictures-doc": "2015.20160320-1ubuntu0.1",
            "texlive-xetex": "2015.20160320-1ubuntu0.1",
            "texlive-omega": "2015.20160320-1ubuntu0.1",
            "texlive-generic-recommended": "2015.20160320-1ubuntu0.1",
            "texlive-fonts-recommended-doc": "2015.20160320-1ubuntu0.1",
            "texlive-metapost": "2015.20160320-1ubuntu0.1",
            "texlive-fonts-recommended": "2015.20160320-1ubuntu0.1",
            "texlive-base": "2015.20160320-1ubuntu0.1",
            "texlive-latex-recommended-doc": "2015.20160320-1ubuntu0.1",
            "texlive-metapost-doc": "2015.20160320-1ubuntu0.1",
            "texlive-luatex": "2015.20160320-1ubuntu0.1",
            "texlive-latex-recommended": "2015.20160320-1ubuntu0.1",
            "texlive": "2015.20160320-1ubuntu0.1"
        }
    ]
}