[XeTeX] Graphite vulnerability
maxwell
maxwell at umiacs.umd.edu
Fri Feb 19 06:19:48 CET 2016
There is a vulnerability in the Graphite library:
http://news.softpedia.com/news/vulnerability-in-font-processing-library-affects-linux-openoffice-firefox-500027.shtml
Reportedly the problems have been patched in version 1.3.5 of Graphite2.
But the version of xetex I'm using (3.14159265-2.6-0.99992, from the
TeX Live 2015 distro) says it uses Graphite2 v1.2.3. Will the next TeX
Live distro's version of xetex use >= v.1.3.5?
--
Mike Maxwell
maxwell at umiacs.umd.edu
"I cannot believe that our existence in this universe
is a mere quirk of fate, an accident of history, an
incidental blip in the great cosmic drama. Our
involvement is too intimate. The physical species
Homo may count for nothing, but the existence of
mind in some organism on some planet in the universe
is surely a fact of fundamental significance. Through
conscious beings the universe has generated
self-awareness." --Paul Davies
More information about the XeTeX
mailing list