Login
Newsletter
Werbung

Sicherheit: Denial of Service in libvoikko
Aktuelle Meldungen Distributionen
Name: Denial of Service in libvoikko
ID: FEDORA-2011-8232
Distribution: Fedora
Plattformen: Fedora 14
Datum: Fr, 1. Juli 2011, 10:02
Referenzen: Keine Angabe
Applikationen: Libvoikko

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2011-8232
2011-06-14 09:54:18
-------------------------------------------------------------------------------
-

Name : libvoikko
Product : Fedora 14
Version : 3.0
Release : 3.fc14
URL : http://voikko.sourceforge.net/
Summary : Voikko is a library for spellcheckers and hyphenators
Description :
This is libvoikko, library for spellcheckers and hyphenators using Malaga
natural language grammar development tool. The library is written in C.

Currently only Finnish is supported, but the API of the library has been
designed to allow adding support for other languages later. Note however that
Malaga is rather low level tool that requires implementing the whole morphology
of a language as a left associative grammar. Therefore languages that have
simple or even moderately complex morphologies and do not require morphological
analysis in their hyphenators should be implemented using other tools such as
Hunspell.

-------------------------------------------------------------------------------
-
Update Information:

Backport a security fix from version 3.2.1: Fix handling of embedded null
characters in input strings entered through the Python interface. The bug could be used to cause denial of service conditions and possibly other problems. Users of these interfaces are recommended to upgrade to this release. Applications that use the native C++ library directly (this includes all well known desktop applications) are not affected by this bug and no changes to the native library have been made in this release.
-------------------------------------------------------------------------------
-
ChangeLog:

* Sun Jun 12 2011 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> - 3.0-3
- Security update: fixes handling of embedded null characters in input strings
entered through the Python interface.
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update libvoikko' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung