Test ID:	1.3.6.1.4.1.25623.1.0.67464
Category:	Fedora Local Security Checks
Title:	Fedora Core 13 FEDORA-2010-8314 (texlive)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to texlive announced via advisory FEDORA-2010-8314. TeXLive is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a printable file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or PlainTeX, since TeX by itself is not very user-friendly. Install texlive if you want to use the TeX text formatting system. Consider to install texlive-latex (a higher level formatting package which provides an easier-to-use interface for TeX). The TeX documentation is located in the texlive-doc package. Update Information: Changes in this update: * fixes for CVE-2010-0739 and CVE-2010-1440 * adds missing defattr to filelists * fixes directory ownership of /var/lib/texmf/web2c * uses official tarball for jpatch * fixes post/postun scriptlets References: [ 1 ] Bug #572941 - CVE-2010-0739 tetex, texlive: Integer overflow by processing special commands https://bugzilla.redhat.com/show_bug.cgi?id=572941 [ 2 ] Bug #586819 - CVE-2010-1440 tetex, texlive: Integer overflow by processing special commands https://bugzilla.redhat.com/show_bug.cgi?id=586819 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update texlive' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2010-8314 Risk factor : High CVSS Score: 6.8
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0739 39390 http://secunia.com/advisories/39390 39500 http://www.securityfocus.com/bid/39500 FEDORA-2010-8273 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041573.html GLSA-201206-28 http://security.gentoo.org/glsa/glsa-201206-28.xml SUSE-SR:2010:012 http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html SUSE-SR:2010:013 http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html USN-937-1 http://www.ubuntu.com/usn/USN-937-1 http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-stable.git%3Ba=blob%3Bf=source/xapps-extra/tetex/texlive-CVE-2010-0739-int-overflow.patch https://bugzilla.redhat.com/show_bug.cgi?id=572941 oval:org.mitre.oval:def:11468 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11468 Common Vulnerability Exposure (CVE) ID: CVE-2010-1440 https://bugzilla.redhat.com/show_bug.cgi?id=586819 oval:org.mitre.oval:def:10068 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10068 Common Vulnerability Exposure (CVE) ID: CVE-2010-0829 Debian Security Information: DSA-2048 (Google Search) http://www.debian.org/security/2010/dsa-2048 http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041587.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9718 http://secunia.com/advisories/39914 SuSE Security Announcement: SUSE-SR:2010:012 (Google Search) SuSE Security Announcement: SUSE-SR:2010:013 (Google Search) http://www.ubuntu.com/usn/USN-936-1 http://www.vupen.com/english/advisories/2010/1219
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.