Hi,
My companies locked down desktop environment forces a weekly virus scan.
Yesterday's (Mon 27/07) scan deleted (without recourse unfortunately)
files from the texlive-collection-fontsrecommended, claiming they were
infected(??) with CVE-2015-2426
(http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2426).
Here's the list of files that were deleted:
$ cygcheck -vc texlive-collection-fontsrecommended
Cygwin Package Information
Last downloaded files to: c:\Users\Public\Downloads\cygwin-x86-setuparea
Last downloaded files from:
http://mirror.aarnet.edu.au/pub/sourceware/cygwin/
Package Version Status
Missing file:
/usr/share/texmf-dist/fonts/opentype/public/lm-math/latinmodern-math.otf
from package texlive-collection-fontsrecommended
Missing file:
/usr/share/texmf-dist/fonts/opentype/public/tex-gyre-math/texgyrebonum-math.otf
from package texlive-collection-fontsrecommended
Missing file:
/usr/share/texmf-dist/fonts/opentype/public/tex-gyre-math/texgyreschola-math.otf
from package texlive-collection-fontsrecommended
Missing file:
/usr/share/texmf-dist/fonts/opentype/public/tex-gyre-math/texgyretermes-math.otf
from package texlive-collection-fontsrecommended
texlive-collection-fontsrecommended 20140523-2 Incomplete
And the description of the vulnerability:
Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library
in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,
Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,
and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary
code via a crafted OpenType font, aka "OpenType Font Driver Vulnerability."
Is this a false positive on the part of the Virus Scanner? Or, as the
package is dated from before the vulnerability report, does the package
need an update?
--
Thanks in advance,
Shaddy
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
