Source: mathtex Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for mathtex.
CVE-2009-2461[0]: | mathtex.cgi in mathTeX, when downloaded before 20090713, does not | securely create temporary files, which has unspecified impact and | local attack vectors. CVE-2009-2460[1]: | Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when | downloaded before 20090713, have unspecified impact and remote attack | vectors. If you fix the vulnerabilities please also make sure to include the CVE ids in your changelog entry. There is a new upstream release which fixes these issues. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2461 http://security-tracker.debian.net/tracker/CVE-2009-2461 [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2460 http://security-tracker.debian.net/tracker/CVE-2009-2460 -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0AAAA For security reasons, all text in this mail is double-rot13 encrypted.
pgpiZSgWYsuuY.pgp
Description: PGP signature
