I do not use LaTeX or dvips or Type1 fonts, so I suppose I am not affected. I wrote my own DVI driver that supports PK fonts and converts directly to PBM without needing PostScript.
Probably, other users who do not add any new fonts also would not be affected, I suppose.
That article says "This same vulnerable function is used by other tools in TeX Live: pdflatex, pdftex, dvips and luatex. I only built an exploit for pdflatex, the most widely used of the vulnerable tools." I only use the program "tex", not any of those four.
Still, the article is good and is interesting and explains it, and is good to fix them for users who do use these things.
Probably, other users who do not add any new fonts also would not be affected, I suppose.
That article says "This same vulnerable function is used by other tools in TeX Live: pdflatex, pdftex, dvips and luatex. I only built an exploit for pdflatex, the most widely used of the vulnerable tools." I only use the program "tex", not any of those four.
Still, the article is good and is interesting and explains it, and is good to fix them for users who do use these things.