subject:"Bug#1036470\: texlive\-bin\: CVE\-2023\-32668"

Bug#1036470: texlive-bin: CVE-2023-32668

2023-05-21 Thread Salvatore Bonaccorso

Hi Hilmar! On Sun, May 21, 2023 at 09:54:30PM +0200, Preuße, Hilmar wrote: > On 21.05.2023 21:06, Salvatore Bonaccorso wrote: > > Hello Salvatore, > > > The following vulnerability was published for texlive-bin. > > > > CVE-2023-32668[0]: > > | LuaTeX before 1.17.0 allows a document (compiled w

Bug#1036470: texlive-bin: CVE-2023-32668

2023-05-21 Thread Preuße

On 21.05.2023 21:06, Salvatore Bonaccorso wrote: Hello Salvatore, The following vulnerability was published for texlive-bin. CVE-2023-32668[0]: | LuaTeX before 1.17.0 allows a document (compiled with the default | settings) to make arbitrary network requests. This occurs because full | access

Bug#1036470: texlive-bin: CVE-2023-32668

2023-05-21 Thread Salvatore Bonaccorso

Source: texlive-bin Version: 2022.20220321.62855-5 Severity: important Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for texlive-bin. CVE-2023-32668[0]: | LuaTeX before 1.17.0 allows a document (compiled with the defa