"A buffer overflow in the handling of Type 1 fonts (.pfb files) allows arbitrary local code execution without privilege escalation when a malicious font is loaded by one of the vulnerable tools (pdflatex, pdftex, luatex, dvips)."
* Upstream fix:
* Scouted at:
Will post more links as I find them.
Gentoo Security Scout
Maintainer(s), please advise if this has been fixed.
(In reply to Yury German from comment #1)
> Maintainer(s), please advise if this has been fixed.
Fixed by having 2019 texlive release stable.
GLSA Vote: No