[texlive-nonbin] 01/01: include security update 2012.20120611-5+deb7u1

To: debian-tex-maint@lists.debian.org
Subject: [texlive-nonbin] 01/01: include security update 2012.20120611-5+deb7u1
From: Norbert Preining <preining@debian.org>
Date: Wed, 08 Mar 2017 07:18:17 +0000
Message-id: <[🔎] E1clVrV-00031i-PL@moszumanska.debian.org>
Reply-to: Norbert Preining <preining@debian.org>
In-reply-to: <[🔎] 20170308071817.11573.54796@moszumanska.debian.org>
References: <[🔎] 20170308071817.11573.54796@moszumanska.debian.org>

This is an automated email from the git hooks/post-receive script.

preining pushed a commit to branch for-wheezy
in repository texlive-nonbin.

commit f6003ccb75064b59a499ea3c374dd4efab9bc403
Author: Norbert Preining <preining@debian.org>
Date:   Wed Mar 8 15:57:24 2017 +0900

    include security update 2012.20120611-5+deb7u1
---
 texlive-base/debian/changelog                              |  6 ++++++
 .../debian/patches/fix-tex-arbitrary-code-execution        | 14 ++++++++++++++
 texlive-base/debian/patches/series                         |  1 +
 3 files changed, 21 insertions(+)

diff --git a/texlive-base/debian/changelog b/texlive-base/debian/changelog
index 33cd0e4..3df1dcc 100644
--- a/texlive-base/debian/changelog
+++ b/texlive-base/debian/changelog
@@ -1,3 +1,9 @@
+texlive-base (2012.20120611-5+deb7u1) wheezy-security; urgency=high
+
+  * remove mpost from list of shell_escape_commands (CVE-2016-10243)
+
+ -- Norbert Preining <preining@debian.org>  Tue, 07 Mar 2017 10:54:45 +0900
+
 texlive-base (2012.20120611-5) unstable; urgency=low
 
   * properly purge some conffiles (Closes: #688382)
diff --git a/texlive-base/debian/patches/fix-tex-arbitrary-code-execution b/texlive-base/debian/patches/fix-tex-arbitrary-code-execution
new file mode 100644
index 0000000..1d5527a
--- /dev/null
+++ b/texlive-base/debian/patches/fix-tex-arbitrary-code-execution
@@ -0,0 +1,14 @@
+---
+ texmf/web2c/texmf.cnf |    1 -
+ 1 file changed, 1 deletion(-)
+
+--- texlive-base-2012.20120611.orig/texmf/web2c/texmf.cnf
++++ texlive-base-2012.20120611/texmf/web2c/texmf.cnf
+@@ -548,7 +548,6 @@
+ bibtex,bibtex8,\
+ kpsewhich,\
+ makeindex,\
+-mpost,\
+ repstopdf,\
+ 
+ % we'd like to allow:
diff --git a/texlive-base/debian/patches/series b/texlive-base/debian/patches/series
index bb7c70a..b315101 100644
--- a/texlive-base/debian/patches/series
+++ b/texlive-base/debian/patches/series
@@ -24,3 +24,4 @@ texdoc-see-and-zip
 fix-natbib-add-spaces
 upstream_updmap-ignoring-settings
 upstream_fix_babel_french_days
+fix-tex-arbitrary-code-execution

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-tex/texlive-nonbin.git

Reply to:

References:
- [texlive-nonbin] branch for-wheezy created (now f6003cc)
  - From: Norbert Preining <preining@debian.org>

Prev by Date: [texlive-nonbin] 02/02: fix babel-french spurious warning
Next by Date: [texlive-nonbin] branch for-wheezy created (now f6003cc)
Previous by thread: [texlive-nonbin] branch for-wheezy created (now f6003cc)
Next by thread: texlive-base_2014.20141024-2+deb8u1_amd64.changes ACCEPTED into proposed-updates->stable-new, proposed-updates
Index(es):
- Date
- Thread