Advisories

Mandriva Advisories

Package name	tetex
Date	November 20th, 2001
Advisory ID	MDKSA-2001:086
Affected versions	7.1, 7.2, 8.0, 8.1, CS1.0
Synopsis	Updated tetex packages fix temporary file insecurities

Problem Description

A problem was discovered in the temporary file handling capabilities
of some teTeX filters by zen-parse. These filters are used as print
filters automatically when printing .dvi files using lpr. This can
lead to elevated privileges. This update relies on the updated mktemp
packages for 7.x in MDKA-2001:021, which gives mktemp the ability to
create temporary directories. 8.x users already have a mktemp that
works in this fashion.

Updated Packages

Mandrakelinux 7.1

 03ef1ee1b633f7b15a96e0aaeb7add41  7.1/RPMS/tetex-1.0.7-6.1mdk.i586.rpm
d8adc388002098ee54c25a85e48a1861  7.1/RPMS/tetex-afm-1.0.7-6.1mdk.i586.rpm
bf8af031068beb610175b69c2f56bf83  7.1/RPMS/tetex-doc-1.0.7-6.1mdk.i586.rpm
f1a8dfd94a0da14dc9446d7a1d58f227  7.1/RPMS/tetex-dvilj-1.0.7-6.1mdk.i586.rpm
25ed14dcdd9b3ba3862387d22eab47ca  7.1/RPMS/tetex-dvips-1.0.7-6.1mdk.i586.rpm
0a2951e2aee8ed37a2b206efa37e0a90  7.1/RPMS/tetex-latex-1.0.7-6.1mdk.i586.rpm
c5c7882c0d386ca5176464b52b583afa  7.1/RPMS/tetex-xdvi-1.0.7-6.1mdk.i586.rpm
f25809018552ee50468b8695562703f5  7.1/SRPMS/tetex-1.0.7-6.1mdk.src.rpm

Mandrakelinux 7.2

 51007b87bf1dba689b08a7a2d481409d  7.2/RPMS/tetex-1.0.7-11.1mdk.i586.rpm
df7ecae9c6f7080ed3e869e5f5723dfb  7.2/RPMS/tetex-afm-1.0.7-11.1mdk.i586.rpm
046adf359223e78bfb174128019f8c2b  7.2/RPMS/tetex-doc-1.0.7-11.1mdk.i586.rpm
8924196a007e4358fbb4295ad0ffdd08  7.2/RPMS/tetex-dvilj-1.0.7-11.1mdk.i586.rpm
95713800fbf8d5cecaeeb4f0112ab0bb  7.2/RPMS/tetex-dvips-1.0.7-11.1mdk.i586.rpm
3ae21fe8d70ef236944be4a3f065c053  7.2/RPMS/tetex-latex-1.0.7-11.1mdk.i586.rpm
313f849bb6578966e78463799d37b019  7.2/RPMS/tetex-xdvi-1.0.7-11.1mdk.i586.rpm
f7f1a22b452d0acdbbc9424f73686ab5  7.2/SRPMS/tetex-1.0.7-11.1mdk.src.rpm

Mandrakelinux 8.0

 a5e5697f6b6c521e3132a0ccaa3bcdaa  8.0/RPMS/tetex-1.0.7-21.1mdk.i586.rpm
37132ac11983dfccb2ee7c1d9ff0203d  8.0/RPMS/tetex-afm-1.0.7-21.1mdk.i586.rpm
658a56ca65ddddfc0d4a288eec16a5d5  8.0/RPMS/tetex-doc-1.0.7-21.1mdk.i586.rpm
6213815683453df4029c4190c3ca4285  8.0/RPMS/tetex-dvilj-1.0.7-21.1mdk.i586.rpm
b79a68dbfba6c2bbc9455e93c3aa9b08  8.0/RPMS/tetex-dvipdfm-1.0.7-21.1mdk.i586.rpm
7c78663dff6b7d6110d52360ffe51bdf  8.0/RPMS/tetex-dvips-1.0.7-21.1mdk.i586.rpm
63e5cce1fed58e0870f067ef7d345f83  8.0/RPMS/tetex-latex-1.0.7-21.1mdk.i586.rpm
73d00015e30e78cdaf4fed01863696f2  8.0/RPMS/tetex-xdvi-1.0.7-21.1mdk.i586.rpm
c9d8502ab2e9ee1cbce62074dafc9ea9  8.0/SRPMS/tetex-1.0.7-21.1mdk.src.rpm

Mandrakelinux 8.0/PPC

 4c4431b6b402049f1616519b7f17f4e3  ppc/8.0/RPMS/tetex-1.0.7-21.1mdk.ppc.rpm
044a5b357a7a5e6c5e6b75f917427333  ppc/8.0/RPMS/tetex-afm-1.0.7-21.1mdk.ppc.rpm
ae24f1aae2d0cc8fe306256916fd7c45  ppc/8.0/RPMS/tetex-doc-1.0.7-21.1mdk.ppc.rpm
26c8812140346ca3524974b44487fd26  ppc/8.0/RPMS/tetex-dvilj-1.0.7-21.1mdk.ppc.rpm
127a7b1c4a8cce9e54315508ad6f4db7  ppc/8.0/RPMS/tetex-dvipdfm-1.0.7-21.1mdk.ppc.rpm
a3eba4dac3b4f0944b26a4a3b625d95e  ppc/8.0/RPMS/tetex-dvips-1.0.7-21.1mdk.ppc.rpm
0316f1614af04b923ffd20b95cb98f3e  ppc/8.0/RPMS/tetex-latex-1.0.7-21.1mdk.ppc.rpm
9c02e6a5ed8ed4d3f5cf9ce7637703f4  ppc/8.0/RPMS/tetex-xdvi-1.0.7-21.1mdk.ppc.rpm
c9d8502ab2e9ee1cbce62074dafc9ea9  ppc/8.0/SRPMS/tetex-1.0.7-21.1mdk.src.rpm

Mandrakelinux 8.1

 2d7aaee76ce94274b105c89ae9104d9e  8.1/RPMS/tetex-1.0.7-31.1mdk.i586.rpm
ea793c3d29c61bd5cafbf90a7ab93ac7  8.1/RPMS/tetex-afm-1.0.7-31.1mdk.i586.rpm
fcc2d001813252656f5b2c5a140c3937  8.1/RPMS/tetex-doc-1.0.7-31.1mdk.i586.rpm
53881ceff47afb6723b22f5dee508cec  8.1/RPMS/tetex-dvilj-1.0.7-31.1mdk.i586.rpm
ce6fd105fdc6dcee614747b02fad8e52  8.1/RPMS/tetex-dvipdfm-1.0.7-31.1mdk.i586.rpm
2bd08b27ad7961e5405532f58ca840b0  8.1/RPMS/tetex-dvips-1.0.7-31.1mdk.i586.rpm
a454c5cf0e0031a85e6ecfd9e6e32c5e  8.1/RPMS/tetex-latex-1.0.7-31.1mdk.i586.rpm
55841068d15f1509a3bbefa9ecf89865  8.1/RPMS/tetex-xdvi-1.0.7-31.1mdk.i586.rpm
295d0cd04109922869668dcd21f203b5  8.1/SRPMS/tetex-1.0.7-31.1mdk.src.rpm

Corporate Server 1.0.1

 03ef1ee1b633f7b15a96e0aaeb7add41  1.0.1/RPMS/tetex-1.0.7-6.1mdk.i586.rpm
d8adc388002098ee54c25a85e48a1861  1.0.1/RPMS/tetex-afm-1.0.7-6.1mdk.i586.rpm
bf8af031068beb610175b69c2f56bf83  1.0.1/RPMS/tetex-doc-1.0.7-6.1mdk.i586.rpm
f1a8dfd94a0da14dc9446d7a1d58f227  1.0.1/RPMS/tetex-dvilj-1.0.7-6.1mdk.i586.rpm
25ed14dcdd9b3ba3862387d22eab47ca  1.0.1/RPMS/tetex-dvips-1.0.7-6.1mdk.i586.rpm
0a2951e2aee8ed37a2b206efa37e0a90  1.0.1/RPMS/tetex-latex-1.0.7-6.1mdk.i586.rpm
c5c7882c0d386ca5176464b52b583afa  1.0.1/RPMS/tetex-xdvi-1.0.7-6.1mdk.i586.rpm
f25809018552ee50468b8695562703f5  1.0.1/SRPMS/tetex-1.0.7-6.1mdk.src.rpm

References

http://www.securityfocus.com/archive/1/192647
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=43342

Upgrade

To upgrade automatically, use MandrivaUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

URL:

https://mandriva.com/security/advisories

Short link:

https://mandriva.com/content/view/full/1075

Intersites Menu

Mandriva

Tools

Top menu

Advisories

Footer