Fix CVE-2023-32700

2023-07-03 16:14:37 +08:00 · 2023-07-03 16:14:37 +08:00 · ec69462a0a
commit ec69462a0a
parent 0cac5ed149
2 changed files with 1174 additions and 1 deletions
--- a/CVE-2023-32700.patch
+++ b/CVE-2023-32700.patch
--- a/texlive-base.spec
+++ b/texlive-base.spec
@ -4,7 +4,7 @@

 Name:           texlive-base
 Version:        20180414
-Release:        31
+Release:        32
 Epoch:          7
 Summary:        TeX formatting system
 License:        ASL 2.0 and Artistic 2.0 and BSD and GFDL-1.1-or-later and GPL+ and GPLv2 and GPLv3 and Knuth-CTAN and LGPLv2+ and LGPLv3+ and LPPL-1.2 and LPPL-1.3 and LPPL-1.3c and OFL-1.1 and Public Domain
@ -379,6 +379,7 @@ Patch0002:      tl-format.patch
 Patch0003:      texlive-20180414-synctex-version.patch
 Patch0004:      texlive-base-CVE-2018-17407.patch
 Patch0005:      remove-support-of-poppler.patch
+Patch0006:      CVE-2023-32700.patch

 BuildRequires:  xz libXaw-devel libXi-devel ncurses-devel bison flex file perl(Digest::MD5) texinfo gcc-c++
 BuildRequires:  gd-devel freetype-devel libpng-devel zlib-devel
@ -8094,6 +8095,9 @@ done <<< "$list"
 %doc %{_datadir}/texlive/texmf-dist/doc/latex/yplan/

 %changelog
+* Mon Jul 03 2023 yaoxin <yao_xin001@hoperun.com> - 7:20180414-32
+- Fix CVE-2023-32700
+
 * Tue Mar 21 2023 yaoxin <yaoxin30@h-partners.com> - 7:20180414-31
 - Fix the license error