On Sat, Nov 16, 2019 at 12:56:51PM +0100, Daniel wrote:
> Just because some users might be able to do this doesn't mean that all LyX
> users on Windows are able to. Using Linux and, in particular, via the Linux
> Subsystem isn't something that comes easy for many Windows users. The Linux
>
On 11/15/19 12:27 PM, Pavel Sanda wrote:
> On Fri, Nov 15, 2019 at 10:29:37AM -0500, John wrote:
>> Lyx for Windows installer 2.3.3-1 installs ImageMagick 7.0.7-27. This
>> version is subject to multiple buffer overflows (stack and heap) and
>> several other vulnerabilities, allowing remote code
On 11/16/19 6:56 AM, Daniel wrote:
> On 15/11/19 18:27, Pavel Sanda wrote:
>> On Fri, Nov 15, 2019 at 10:29:37AM -0500, John wrote:
>>> Lyx for Windows installer 2.3.3-1 installs ImageMagick 7.0.7-27. This
>>> version is subject to multiple buffer overflows (stack and heap) and
>>> several other
On 15/11/19 18:27, Pavel Sanda wrote:
On Fri, Nov 15, 2019 at 10:29:37AM -0500, John wrote:
Lyx for Windows installer 2.3.3-1 installs ImageMagick 7.0.7-27. This
version is subject to multiple buffer overflows (stack and heap) and
several other vulnerabilities, allowing remote code execution
On Fri, Nov 15, 2019 at 10:29:37AM -0500, John wrote:
> Lyx for Windows installer 2.3.3-1 installs ImageMagick 7.0.7-27. This
> version is subject to multiple buffer overflows (stack and heap) and
> several other vulnerabilities, allowing remote code execution if the user
> opens a LyX document
Lyx for Windows installer 2.3.3-1 installs ImageMagick 7.0.7-27. This
version is subject to multiple buffer overflows (stack and heap) and
several other vulnerabilities, allowing remote code execution if the user
opens a LyX document incorporating a specially-crafted image.
Solution: Upgrade to