A texlive-base security update has been released for Fedora 31.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-bb5c663b83
2020-02-08 01:58:52.898857
--------------------------------------------------------------------------------
Name : texlive-base
Product : Fedora 31
Version : 20190410
Release : 8.fc31
URL : http://tug.org/texlive/
Summary : TeX formatting system
Description :
The TeX Live software distribution offers a complete TeX system for a
variety of Unix, Macintosh, Windows and other platforms. It
encompasses programs for editing, typesetting, previewing and printing
of TeX documents in many different languages, and a large collection
of TeX macros and font libraries.
The distribution includes extensive general documentation about TeX,
as well as the documentation for the included software packages.
--------------------------------------------------------------------------------
Update Information:
Resolve buffer overflow in TexOpen() function, CVE-2019-19601
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 5 2020 Than Ngo - 7:20190410-8
- fix bz#1798119 - buffer overflow in TexOpen() function, CVE-2019-19601
* Fri Jan 10 2020 Tom Callaway - 7:20190410-7
- fix python3 issue with pdfbook2 (thanks to "Mildred", bz1733794)
- fix python3 issue with latex-papersize (thanks to Silas S. Brown, bz1783964)
* Fri Nov 15 2019 Tom Callaway - 7:20190410-6
- package up the TL fork of psutils to help tlmgr find all the configs it expects
* Fri Nov 1 2019 Pete Walter - 7:20190410-5
- Rebuild for ICU 65
* Fri Oct 18 2019 Tom Callaway - 7:20190410-4
- fix dir ownership
* Wed Oct 9 2019 Jerry James - 7:20190410-3
- Rebuild for mpfr 4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1798118 - CVE-2019-19601 texlive: buffer overflow in the TexOpen() function in detex.l
https://bugzilla.redhat.com/show_bug.cgi?id=1798118
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-bb5c663b83' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys