ALAS-2012-048

Amazon Linux 1 Security Advisory: ALAS-2012-48
Advisory Release Date: 2012-03-04 16:08 Pacific
Advisory Updated Date: 2014-09-14 15:23 Pacific

Severity: Medium

References: CVE-2010-2642 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554 RHSA-2012-0137
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

TeX Live embeds a copy of t1lib. The t1lib library allows you to rasterize bitmaps from PostScript Type 1 fonts. The following issues affect t1lib code:

Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics (AFM) files. If a specially-crafted font file was opened by a TeX Live utility, it could cause the utility to crash or, potentially, execute arbitrary code with the privileges of the user running the utility. (CVE-2010-2642, CVE-2011-0433)

An invalid pointer dereference flaw was found in t1lib. A specially-crafted font file could, when opened, cause a TeX Live utility to crash or, potentially, execute arbitrary code with the privileges of the user running the utility. (CVE-2011-0764)

A use-after-free flaw was found in t1lib. A specially-crafted font file could, when opened, cause a TeX Live utility to crash or, potentially, execute arbitrary code with the privileges of the user running the utility. (CVE-2011-1553)

An off-by-one flaw was found in t1lib. A specially-crafted font file could, when opened, cause a TeX Live utility to crash or, potentially, execute arbitrary code with the privileges of the user running the utility. (CVE-2011-1554)

An out-of-bounds memory read flaw was found in t1lib. A specially-crafted font file could, when opened, cause a TeX Live utility to crash. (CVE-2011-1552)

Affected Packages:

texlive

Issue Correction:
Run yum update texlive to update your system.

New Packages:

i686:
    texlive-dviutils-2007-57.9.amzn1.i686
    kpathsea-2007-57.9.amzn1.i686
    texlive-context-2007-57.9.amzn1.i686
    texlive-afm-2007-57.9.amzn1.i686
    mendexk-2.6e-57.9.amzn1.i686
    texlive-xetex-2007-57.9.amzn1.i686
    texlive-east-asian-2007-57.9.amzn1.i686
    texlive-debuginfo-2007-57.9.amzn1.i686
    texlive-utils-2007-57.9.amzn1.i686
    texlive-dvips-2007-57.9.amzn1.i686
    texlive-latex-2007-57.9.amzn1.i686
    kpathsea-devel-2007-57.9.amzn1.i686
    texlive-2007-57.9.amzn1.i686

src:
    texlive-2007-57.9.amzn1.src

x86_64:
    texlive-dvips-2007-57.9.amzn1.x86_64
    mendexk-2.6e-57.9.amzn1.x86_64
    texlive-2007-57.9.amzn1.x86_64
    kpathsea-2007-57.9.amzn1.x86_64
    texlive-debuginfo-2007-57.9.amzn1.x86_64
    texlive-context-2007-57.9.amzn1.x86_64
    texlive-afm-2007-57.9.amzn1.x86_64
    texlive-latex-2007-57.9.amzn1.x86_64
    texlive-utils-2007-57.9.amzn1.x86_64
    texlive-xetex-2007-57.9.amzn1.x86_64
    texlive-east-asian-2007-57.9.amzn1.x86_64
    texlive-dviutils-2007-57.9.amzn1.x86_64
    kpathsea-devel-2007-57.9.amzn1.x86_64

Additional References

Red Hat: CVE-2010-2642, CVE-2011-0764, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554

Mitre: CVE-2010-2642, CVE-2011-0764, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554