Re: [XeTeX] How to manually create the xelatex.fmt?

Fri, 21 Oct 2011 00:42:34 -0700 

On Fri, Oct 21, 2011 at 12:22 AM, Philip TAYLOR (Webmaster, Ret'd)
<p.tay...@rhul.ac.uk> wrote:
>
>
> Chris Travers wrote:
>
>> If TexLive had been around in 2002 and was statically linking to zlib,
>> it would have been affected too.  TeX does not link against zlib but
>> LaTeX and XeTeX do.
>>
>> Similarly, arbitrary code execution vulnerabilities have been found in
>> 2005 in libjpeg (also linked to by LaTeX and XeTeX).  Again these
>> predate TexLive.
>
> Chris, these statements have to be wrong, at least in part :
> if TeX does not link against Zlib, then neither does LaTeX --
> they are one and the same engine.  -- ditto -- LibJpeg.
>
Hmmm


[chris@chris-dev2 ~]$ ldd /usr/bin/latex
        linux-gate.so.1 =>  (0x00232000)
        libpng12.so.0 => /usr/lib/libpng12.so.0 (0x003ae000)
        libz.so.1 => /lib/libz.so.1 (0x00d6b000)
zlib: ^^^^^
        libkpathsea.so.4 => /usr/lib/libkpathsea.so.4 (0x00d80000)
        libpoppler.so.5 => /usr/lib/libpoppler.so.5 (0x04516000)
        libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x040c0000)
        libm.so.6 => /lib/libm.so.6 (0x00d1b000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x040a0000)
        libc.so.6 => /lib/libc.so.6 (0x00b8e000)
        liblcms.so.1 => /usr/lib/liblcms.so.1 (0x04ae1000)
        libjpeg.so.62 => /usr/lib/libjpeg.so.62 (0x0478e000)
libjpeg: ^^^^^
        libfreetype.so.6 => /usr/lib/libfreetype.so.6 (0x003d8000)
        libfontconfig.so.1 => /usr/lib/libfontconfig.so.1 (0x00485000)
        libopenjpeg.so.2 => /usr/lib/libopenjpeg.so.2 (0x005af000)
        /lib/ld-linux.so.2 (0x00b6c000)
        libexpat.so.1 => /lib/libexpat.so.1 (0x00384000)

Wondering where these are coming from.

similarly

[chris@chris-dev2 ~]$ ldd /usr/bin/xetex
        linux-gate.so.1 =>  (0x00825000)
        libTECkit.so.0 => /usr/lib/libTECkit.so.0 (0x00be2000)
        libfreetype.so.6 => /usr/lib/libfreetype.so.6 (0x003d8000)
        libz.so.1 => /lib/libz.so.1 (0x00d6b000)
zlib: ^^^^^^^^^^^^^
        libpng12.so.0 => /usr/lib/libpng12.so.0 (0x003ae000)
        libfontconfig.so.1 => /usr/lib/libfontconfig.so.1 (0x00485000)
        libpoppler.so.5 => /usr/lib/libpoppler.so.5 (0x04516000)
        libkpathsea.so.4 => /usr/lib/libkpathsea.so.4 (0x00d80000)
        libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x040c0000)
        libm.so.6 => /lib/libm.so.6 (0x00d1b000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x040a0000)
        libpthread.so.0 => /lib/libpthread.so.0 (0x00d47000)
        libc.so.6 => /lib/libc.so.6 (0x00640000)
        libexpat.so.1 => /lib/libexpat.so.1 (0x00384000)
        liblcms.so.1 => /usr/lib/liblcms.so.1 (0x04ae1000)
        libjpeg.so.62 => /usr/lib/libjpeg.so.62 (0x0478e000)
libjpeg: ^^^^^^^^^^^^^
        libopenjpeg.so.2 => /usr/lib/libopenjpeg.so.2 (0x005af000)
        /lib/ld-linux.so.2 (0x00b6c000)

Am I reading this wrong?

Best Wishes,
Chris Travers



--------------------------------------------------
Subscriptions, Archive, and List information, etc.:
  http://tug.org/mailman/listinfo/xetex

Reply via email to