Index: /trunk/server/common/patches/texlive-CVE-2010-1440.patch
===================================================================
--- /trunk/server/common/patches/texlive-CVE-2010-1440.patch	(revision 1557)
+++ /trunk/server/common/patches/texlive-CVE-2010-1440.patch	(revision 1557)
@@ -0,0 +1,28 @@
+--- tetex-src-3.0/texk/dvipsk/dospecial.c.orig	2010-04-29 10:25:30.000000000 -0400
++++ tetex-src-3.0/texk/dvipsk/dospecial.c	2010-04-29 10:30:10.000000000 -0400
+@@ -305,7 +305,11 @@ void predospecial P2C(integer, numbytes,
+    int j ;
+    static int omega_specials = 0;
+ 
+-   if (nextstring + numbytes > maxstring) {
++   if (numbytes < 0 || numbytes > maxstring - nextstring) {
++      if (numbytes < 0 || numbytes > (INT_MAX - 1000) / 2 ) {
++         error("! Integer overflow in predospecial");
++         exit(1);
++      }
+       p = nextstring = mymalloc(1000 + 2 * numbytes) ;
+       maxstring = nextstring + 2 * numbytes + 700 ;
+    }
+@@ -828,7 +832,11 @@ float *bbdospecial P1C(int, nbytes)
+    char seen[NKEYS] ;
+    float valseen[NKEYS] ;
+ 
+-   if (nextstring + nbytes > maxstring) {
++   if (nbytes < 0 || nbytes > maxstring - nextstring) {
++      if (nbytes < 0 || nbytes > (INT_MAX - 1000) / 2 ) {
++         error("! Integer overflow in bbdospecial");
++         exit(1);
++      }
+       p = nextstring = mymalloc(1000 + 2 * nbytes) ;
+       maxstring = nextstring + 2 * nbytes + 700 ;
+    }
Index: /trunk/server/fedora/Makefile
===================================================================
--- /trunk/server/fedora/Makefile	(revision 1556)
+++ /trunk/server/fedora/Makefile	(revision 1557)
@@ -19,5 +19,5 @@
 # See /COPYRIGHT in this repository for more information.
 
-upstream_yum	= krb5 krb5.i586 httpd openssh shadow-utils
+upstream_yum	= krb5 krb5.i586 httpd openssh shadow-utils texlive
 upstream	= openafs $(upstream_yum) moira cluster-glue heartbeat pacemaker
 oursrc		= execsys tokensys accountadm httpdmods logview sql-signup nss_nonlocal nss_nonlocal.i586 whoisd mit-zephyr athrun php_scripts scripts-wizard scripts-base
Index: /trunk/server/fedora/specs/texlive.spec.patch
===================================================================
--- /trunk/server/fedora/specs/texlive.spec.patch	(revision 1557)
+++ /trunk/server/fedora/specs/texlive.spec.patch	(revision 1557)
@@ -0,0 +1,41 @@
+--- texlive.orig.spec	2010-05-07 00:27:05.000000000 -0400
++++ texlive.spec	2010-05-07 00:40:09.000000000 -0400
+@@ -21,7 +21,7 @@
+ 
+ Name:		texlive
+ Version:	%{texlive_ver}
+-Release:	46%{?dist}
++Release:	46.scripts.%{scriptsversion}%{?dist}
+ Summary:	Binaries for the TeX formatting system
+ 
+ Group:		Applications/Publishing
+@@ -126,6 +126,9 @@
+ Patch1006:	texlive-2007-ptex-3.1.10.patch
+ Patch1007:	texlive-2007-fmtutil-ptex.patch
+ 
++# 2000-: Scripts patches
++Patch2000:    texlive-CVE-2010-1440.patch
++
+ BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+ 
+ BuildRequires:	flex bison ed xdg-utils
+@@ -431,6 +434,8 @@
+ 
+ %patch1007 -p1 -b .ptex
+ 
++%patch2000 -p1 -b .CVE-2010-1440
++
+ %if %{disable_lcdf_typetools}
+ pushd utils
+ rm -rf lcdf-typetools
+@@ -1238,6 +1243,10 @@
+ %{_mandir}/man1/texutil.1*
+ 
+ %changelog
++* Fri May 07 2010 Alex Dehnert <adehnert@mit.edu> 2007-46.scripts
++- add patch for Bug 586819 - (CVE-2010-1440) from
++  https://bugzilla.redhat.com/attachment.cgi?id=410148
++
+ * Fri Oct 23 2009 Jindrich Novy <jnovy@redhat.com> 2007-46
+ - add missing dependency on kpathsea
+