Candidate: CVE-2019-18604
PublicDate: 2019-10-29 19:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18604
 https://github.com/TeX-Live/texlive-source/commit/9216833a3888a4105a18e8c349f65b045ddb1079#diff-987e40c0e27ee43f6a2414ada73a191a
Description:
 In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as
 distributed in TeXLive and other collections, sprintf is mishandled.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]


Patches_texlive-bin:
upstream_texlive-bin: released (2020.20200327.54578-2)
precise/esm_texlive-bin: DNE
trusty_texlive-bin: ignored (out of standard support)
trusty/esm_texlive-bin: DNE
xenial_texlive-bin: not-affected (code not present)
esm-infra/xenial_texlive-bin: not-affected (code not present)
bionic_texlive-bin: not-affected (code not present)
disco_texlive-bin: ignored (reached end-of-life)
eoan_texlive-bin: ignored (reached end-of-life)
focal_texlive-bin: needed
groovy_texlive-bin: not-affected (2020.20200327.54578-4build1)
hirsute_texlive-bin: not-affected (2020.20200327.54578-5)
impish_texlive-bin: not-affected (2020.20200327.54578-5)
jammy_texlive-bin: not-affected (2020.20200327.54578-5)
devel_texlive-bin: not-affected (2020.20200327.54578-5)