CVE-2007-5936
Published: 13 November 2007
dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.
Notes
| Author | Note |
|---|---|
| jdstrand | fixed with Debian's dviljk-security-fixes |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
tetex-bin Launchpad, Ubuntu, Debian |
dapper |
Released
(3.0-13ubuntu6.1)
|
| edgy |
Released
(3.0-17ubuntu2.1)
|
|
| feisty |
Released
(3.0-27ubuntu1.2)
|
|
| gutsy |
Does not exist
|
|
| hardy |
Does not exist
|
|
| upstream |
Needed
|
|
|
texlive-bin Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| edgy |
Ignored
(end of life, was needed)
|
|
| feisty |
Ignored
(end of life, was needed)
|
|
| gutsy |
Released
(2007-12ubuntu3.1)
|
|
| hardy |
Not vulnerable
(2007.dfsg.1-2)
|
|
| upstream |
Needed
|