Sicherheit: Pufferüberlauf in flex
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in flex
ID: FEDORA-2016-c9ad9582f7
Distribution: Fedora
Plattformen: Fedora 24
Datum: Mo, 8. August 2016, 23:02
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6354
Applikationen: flex


Name        : flex
Product : Fedora 24
Version : 2.6.0
Release : 2.fc24
URL : http://flex.sourceforge.net/
Summary : A tool for creating scanners (text pattern recognizers)
Description :
The flex program generates scanners. Scanners are programs which can
recognize lexical patterns in text. Flex takes pairs of regular
expressions and C code as input and generates a C source file as
output. The output file is compiled and linked with a library to
produce an executable. The executable searches through its input for
occurrences of the regular expressions. When a match is found, it
executes the corresponding C code. Flex was designed to work with
both Yacc and Bison, and is used by many programs as part of their
build process.

You should install flex if you are going to use your system for
application development.

Update Information:

Change type for num_to_read from yy_size_t to int.

[ 1 ] Bug #1360743 - CVE-2016-6354 flex: buffer overflow in generated code

This update can be installed with the "yum" update program. Use
su -c 'yum update flex' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Pro-Linux @Facebook
Neue Nachrichten