=====================================================================
                                    CERT-Renater

                         Note d'Information No. 2011/VULN194
_____________________________________________________________________

DATE                      : 07/03/2011

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       :  Fedora version 13, 14 running TeXmacs versions
                               prior to 1.0.7.9-2.fc13, 1.0.7.9-2.fc14.

======================================================================
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055054.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055041.html
______________________________________________________________________

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-2127
2011-02-24 20:24:46
--------------------------------------------------------------------------------

Name        : TeXmacs
Product     : Fedora 14
Version     : 1.0.7.9
Release     : 2.fc14
URL         : http://www.texmacs.org
Summary     : Structured WYSIWYG scientific text editor
Description :
GNU TeXmacs is a free scientific text editor, which was both inspired
by TeX and GNU Emacs. The editor allows you to write structured
documents via a WYSIWYG (what-you-see-is-what-you-get) and user
friendly interface.  New styles may be created by the user. The
program implements high-quality typesetting algorithms and TeX fonts,
which help you to produce professionally looking documents.

The high typesetting quality still goes through for automatically
generated formulas, which makes TeXmacs suitable as an interface for
computer algebra systems. TeXmacs also supports the Guile/Scheme
extension language, so that you may customize the interface and write
your own extensions to the editor.

In the future, TeXmacs is planned to evolve towards a complete
scientific office suite, with spreadsheet capacities, a technical
drawing editor and a presentation mode.

--------------------------------------------------------------------------------
Update Information:

fix CVE-2010-3394 (#638428)
package fonts according to fedora font packaging guidelines (#477464)
update to 1.0.7.9 (#593625)

--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 23 2011 Jindrich Novy <jnovy at redhat.com> - 1.0.7.9-2
- first attempt to package fonts according to fedora font
   packaging guidelines (#477464)
- fix CVE-2010-3394 (#638428)
- fix Requires
- fix build -> broken util.h usage
- fix desktop categories
- remove BuildRoot
* Sun Feb 13 2011 Gérard Milmeister <gemi at bluewin.ch> - 1.0.7.9-1
- new release 1.0.7.9
--------------------------------------------------------------------------------
References:

   [ 1 ] Bug #638428 - CVE-2010-3394 TeXmacs: insecure library loading vulnerability [fedora-all]
         https://bugzilla.redhat.com/show_bug.cgi?id=638428
   [ 2 ] Bug #477464 - [TeXmacs] Please convert to new font packaging guidelines
         https://bugzilla.redhat.com/show_bug.cgi?id=477464
   [ 3 ] Bug #593625 - TeXmacs-1.0.7.9 is available
         https://bugzilla.redhat.com/show_bug.cgi?id=593625
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update TeXmacs' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_________________________________________________________________________________

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-2146
2011-02-24 20:25:29
--------------------------------------------------------------------------------

Name        : TeXmacs
Product     : Fedora 13
Version     : 1.0.7.9
Release     : 2.fc13
URL         : http://www.texmacs.org
Summary     : Structured WYSIWYG scientific text editor
Description :
GNU TeXmacs is a free scientific text editor, which was both inspired
by TeX and GNU Emacs. The editor allows you to write structured
documents via a WYSIWYG (what-you-see-is-what-you-get) and user
friendly interface.  New styles may be created by the user. The
program implements high-quality typesetting algorithms and TeX fonts,
which help you to produce professionally looking documents.

The high typesetting quality still goes through for automatically
generated formulas, which makes TeXmacs suitable as an interface for
computer algebra systems. TeXmacs also supports the Guile/Scheme
extension language, so that you may customize the interface and write
your own extensions to the editor.

In the future, TeXmacs is planned to evolve towards a complete
scientific office suite, with spreadsheet capacities, a technical
drawing editor and a presentation mode.

--------------------------------------------------------------------------------
Update Information:

fix CVE-2010-3394 (#638428)
package fonts according to fedora font packaging guidelines (#477464)
update to 1.0.7.9 (#593625)

--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb 23 2011 Jindrich Novy <jnovy at redhat.com> - 1.0.7.9-2
- update to 1.0.7.9
- fix CVE-2010-3394 (#638428)
- first attempt to package fonts according to fedora font
   packaging guidelines (#477464)
- fix Requires
- fix build -> broken util.h usage
- fix desktop categories
- remove BuildRoot
--------------------------------------------------------------------------------
References:

   [ 1 ] Bug #638428 - CVE-2010-3394 TeXmacs: insecure library loading vulnerability [fedora-all]
         https://bugzilla.redhat.com/show_bug.cgi?id=638428
   [ 2 ] Bug #477464 - [TeXmacs] Please convert to new font packaging guidelines
         https://bugzilla.redhat.com/show_bug.cgi?id=477464
   [ 3 ] Bug #593625 - TeXmacs-1.0.7.9 is available
         https://bugzilla.redhat.com/show_bug.cgi?id=593625
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update TeXmacs' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



======================================================================

           =========================================================
           Les serveurs de référence du CERT-Renater
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 23 - 25 Rue Daviel    | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================