Bug#1029913: texlive-pictures: /usr/share/texlive/texmf-dist/scripts/epspdf/epspdf.tlu: /tmp write vulnerability

To: Frank Heckenbach <f.heckenbach@fh-soft.de>
Cc: 1029913@bugs.debian.org
Subject: Bug#1029913: texlive-pictures: /usr/share/texlive/texmf-dist/scripts/epspdf/epspdf.tlu: /tmp write vulnerability
From: Hilmar Preuße <hille42@web.de>
Date: Wed, 15 Feb 2023 15:11:30 +0100
Message-id: <[🔎] 4c563b22-8186-2ed0-17f7-b93c5f256ca8@web.de>
Reply-to: Hilmar Preuße <hille42@web.de>, 1029913@bugs.debian.org
In-reply-to: <E1pLuBn-00FGcX-Pv@mars>
References: <E1pLuBn-00FGcX-Pv@mars> <E1pLuBn-00FGcX-Pv@mars>

Am 29.01.2023 um 00:00 teilte Frank Heckenbach mit:

Hello Frank,

Package: texlive-pictures
Version: 2020.20210202-3
Severity: grave
File: /usr/share/texlive/texmf-dist/scripts/epspdf/epspdf.tlu

Classic /tmp write vulnerability: function dir_writable writes to
"/tmp/1" (and if this fails, "/tmp/2" etc.) without sufficient
checks.

Harmless demonstration:


Siep Kroonenberg released a new version of that epspdf.tlu. I've put a
new package of texlive-pictures here [1]. Let me know if that solves the
issue for you. I'd like to upload the new package ASAP.

Hilmar

[1] https://freeshell.de/~hille42/TL_2023-2/
--
sigfault

Reply to:

Prev by Date: Bug#1023391: texlive-full: The EB Garamond font is not installed properly within debian texlive-full
Next by Date: Bug#1029913: Fwd: Bug#1029913: texlive-pictures: /usr/share/texlive/texmf-dist/scripts/epspdf/epspdf.tlu: /tmp write vulnerability
Previous by thread: asymptote_2.85+ds-1_source.changes ACCEPTED into unstable
Next by thread: Bug#1029913: Fwd: Bug#1029913: texlive-pictures: /usr/share/texlive/texmf-dist/scripts/epspdf/epspdf.tlu: /tmp write vulnerability
Index(es):
- Date
- Thread