Summary: | [new ebuild] dev-tex/mimetex (a TeX preview generator for html/SS pages) | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Federico Ferri (RETIRED) <mescalinum> |
Component: | New packages | Assignee: | Default Assignee for New Packages <maintainer-wanted> |
Status: | CONFIRMED --- | ||
Severity: | enhancement | CC: | volkmar |
Priority: | High | Keywords: | EBUILD |
Version: | unspecified | ||
Hardware: | x86 | ||
OS: | Linux | ||
URL: | http://www.forkosh.dreamhost.com/mimetex.html | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
dev-tex/mimetex/mimetex-20070331.ebuild
dev-tex/mimetex/mimetex-20070331.ebuild |
Description
Federico Ferri (RETIRED)
2007-03-31 16:47:54 UTC
Created attachment 115063 [details]
dev-tex/mimetex/mimetex-20070331.ebuild
Created attachment 115076 [details]
dev-tex/mimetex/mimetex-20070331.ebuild
Changed `gcc` to $(tc-getCC) as a developer suggested
in sunrise overlay There has been a vulnerability report for mimetex: ================================================================================ Name: CVE-2009-1382 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1382 Published: 2009-07-14 Severity: High Description: Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded before 20090713, allow remote attackers to execute arbitrary code via a TeX file with long (1) picture, (2) circle, or (3) input tags. Please consider fixing this issue in sunrise. Note that the Security Team requires this issue to be fixed before the package can enter the official Portage tree. Thanks. Another vulnerability: ================================================================================ Name: CVE-2009-2459 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2459 Published: 2009-07-14 Severity: High Description: Multiple unspecified vulnerabilities in mimeTeX, when downloaded before 20090713, have unknown impact and attack vectors related to the (1) \environ, (2) \input, and (3) \counter TeX directives. the person that is mirroring mimetex sources for gentoo (tommy?) should take care of this The mirrored tarball SRC_URI is no longer valid. Is anyone interested in mirroring the tarball once again or should I mask it for removal? The package has been removed from the Sunrise overlay. |