Gentoo Security Advisory GLSA 200711-34 (cstetex) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200711-34.

Solution

CSTeX is not maintained upstream, so the package was masked in Portage. We recommend that users unmerge CSTeX: # emerge --unmerge app-text/cstetex As an alternative, users should upgrade their systems to use teTeX or TeX Live with its Babel packages. http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200711-34 http://bugs.gentoo.org/show_bug.cgi?id=196673 http://www.gentoo.org/security/en/glsa/glsa-200708-05.xml http://www.gentoo.org/security/en/glsa/glsa-200709-12.xml http://www.gentoo.org/security/en/glsa/glsa-200709-17.xml http://www.gentoo.org/security/en/glsa/glsa-200710-12.xml http://www.gentoo.org/security/en/glsa/glsa-200711-22.xml http://www.gentoo.org/security/en/glsa/glsa-200711-26.xml

Insight

Multiple vulnerabilities were discovered in CSTeX, possibly allowing to execute arbitrary code or overwrite arbitrary files.

Severity

Classification

Related Vulnerabilities

Gentoo Security Advisory GLSA 200405-07 (Exim)
Gentoo Security Advisory GLSA 200310-04 (Apache)
Gentoo Security Advisory GLSA 200407-17 (net-dialup/l2tpd)
Gentoo Security Advisory GLSA 200406-21 (mit-krb5)
Gentoo Security Advisory GLSA 200404-21 (samba)

Take action and discover your vulnerabilities