CVE-2016-10243

Priority
Medium
Description
TeX Live allows remote attackers to execute arbitrary commands by
leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf
config file.
References
Assigned-to
leosilva
Package
Upstream:released (2016.20161130-1)
Ubuntu 17.10 (Artful Aardvark):not-affected (2016.20170123-3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 LTS (Trusty Tahr):released (2013.20140215-1ubuntu0.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (2015.20160320-1ubuntu0.1)
Ubuntu 17.04 (Zesty Zapus):not-affected (2016.20170123-3)
Patches:
Patch:http://www.tug.org/svn/texlive?view=revision&revision=42605
Package
Upstream:needed
Ubuntu 17.10 (Artful Aardvark):needed
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needed)
Ubuntu 14.04 LTS (Trusty Tahr):needed
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 17.04 (Zesty Zapus):needed
More Information

Updated: 2017-10-23 12:23:07 UTC (commit 13562)