Pufferüberlauf in flex
ID: | FEDORA-2016-c9ad9582f7 |
Distribution: | Fedora |
Plattformen: | Fedora 24 |
Datum: | Mo, 8. August 2016, 23:02 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6354 |
Applikationen: | Fast Lexical Analyzer Generator |
Originalnachricht |
|
Name : flex Product : Fedora 24 Version : 2.6.0 Release : 2.fc24 URL : http://flex.sourceforge.net/ Summary : A tool for creating scanners (text pattern recognizers) Description : The flex program generates scanners. Scanners are programs which can recognize lexical patterns in text. Flex takes pairs of regular expressions and C code as input and generates a C source file as output. The output file is compiled and linked with a library to produce an executable. The executable searches through its input for occurrences of the regular expressions. When a match is found, it executes the corresponding C code. Flex was designed to work with both Yacc and Bison, and is used by many programs as part of their build process. You should install flex if you are going to use your system for application development. -------------------------------------------------------------------------------- Update Information: Change type for num_to_read from yy_size_t to int. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1360743 - CVE-2016-6354 flex: buffer overflow in generated code (yy_get_next_buffer) https://bugzilla.redhat.com/show_bug.cgi?id=1360743 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update flex' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org |