texlive is vulnerable to arbitrary code execution. A buffer overflow in t1_check_unusual_charstring function
in writet1.c
allows an attacker to execute arbitrary code on the system.
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index
access.redhat.com/errata/RHSA-2020:1036
access.redhat.com/security/updates/classification/#moderate
github.com/TeX-Live/texlive-source/commit/6ed0077520e2b0da1fd060c7f88db7b2e6068e4c
lists.debian.org/debian-security-announce/2018/msg00230.html
usn.ubuntu.com/3788-1/
usn.ubuntu.com/3788-2/
www.debian.org/security/2018/dsa-4299