On 29.01.2023 at 00:00, Frank Heckenbach wrote:

Hello Frank,

Package: texlive-pictures
Version: 2020.20210202-3
Severity: grave
File: /usr/share/texlive/texmf-dist/scripts/epspdf/epspdf.tlu

Classic /tmp write vulnerability: function dir_writable writes to
"/tmp/1" (and if this fails, "/tmp/2" etc.) without sufficient
checks.

Harmless demonstration:


Siep Kroonenberg released a new version of that epspdf.tlu. I've put a
new package of texlive-pictures here [1]. Let me know if that solves the
issue for you. I'd like to upload the new package ASAP.

Hilmar

[1] https://freeshell.de/~hille42/TL_2023-2/
--
sigfault
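
Added example, not part of the original message or of epspdf: a Python sketch (the script itself is texlua) contrasting a predictable-name writability probe, as the report describes, with a probe based on exclusive creation. The function names, the scratch-directory scenario and the reconstruction of the unsafe pattern are assumptions; the actual code of `dir_writable` is not shown in this thread.

```python
import os
import tempfile

def probe_predictable(directory):
    # Assumed reconstruction of the reported pattern: try "1", then "2", ...
    for i in range(1, 10):
        path = os.path.join(directory, str(i))
        try:
            with open(path, "w") as f:  # follows symlinks, truncates existing files
                f.write("test")
        except OSError:
            continue
        os.remove(path)
        return True
    return False

def probe_exclusive(directory):
    # mkstemp picks an unpredictable name and opens it with O_CREAT|O_EXCL,
    # so an existing file or symlink is never opened or truncated.
    try:
        fd, path = tempfile.mkstemp(prefix="wtest-", dir=directory)
    except OSError:
        return False
    os.close(fd)
    os.unlink(path)
    return True

def demo():
    # Constructed scenario in a private scratch directory (stands in for /tmp).
    with tempfile.TemporaryDirectory() as scratch:
        shared = os.path.join(scratch, "shared")
        os.mkdir(shared)
        target = os.path.join(scratch, "owned-by-user.txt")
        with open(target, "w") as f:
            f.write("important")
        os.symlink(target, os.path.join(shared, "1"))  # pre-existing entry named "1"

        ok_safe = probe_exclusive(shared)
        with open(target) as f:
            after_safe = f.read()
        ok_unsafe = probe_predictable(shared)
        with open(target) as f:
            after_unsafe = f.read()
        return ok_safe, after_safe, ok_unsafe, after_unsafe

if __name__ == "__main__":
    print(demo())
```

Both probes report the directory as writable; only the exclusive-creation probe leaves the file behind the pre-existing entry untouched.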
