[XeTeX] Graphite vulnerability

maxwell maxwell at umiacs.umd.edu
Fri Feb 19 06:19:48 CET 2016


There is a vulnerability in the Graphite library:
http://news.softpedia.com/news/vulnerability-in-font-processing-library-affects-linux-openoffice-firefox-500027.shtml
Reportedly the problems have been patched in version 1.3.5 of Graphite2. 
  But the version of xetex I'm using (3.14159265-2.6-0.99992, from the 
TeX Live 2015 distro) says it uses Graphite2 v1.2.3.  Will the next TeX 
Live distro's version of xetex use >= v.1.3.5?
-- 
	Mike Maxwell
	maxwell at umiacs.umd.edu
	"I cannot believe that our existence in this universe
	is a mere quirk of fate, an accident of history, an
	incidental blip in the great cosmic drama. Our
	involvement is too intimate. The physical species
	Homo may count for nothing, but the existence of
	mind in some organism on some planet in the universe
	is surely a fact of fundamental significance. Through
	conscious beings the universe has generated
	self-awareness." --Paul Davies


More information about the XeTeX mailing list