Sicherheit: Pufferüberlauf in flex
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in flex
ID: FEDORA-2016-8d79ade826
Distribution: Fedora
Plattformen: Fedora 23
Datum: Sa, 10. Dezember 2016, 13:04
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6354
Applikationen: flex


Name        : flex
Product : Fedora 23
Version : 2.6.0
Release : 2.fc23
URL : http://flex.sourceforge.net/
Summary : A tool for creating scanners (text pattern recognizers)
Description :
The flex program generates scanners. Scanners are programs which can
recognize lexical patterns in text. Flex takes pairs of regular
expressions and C code as input and generates a C source file as
output. The output file is compiled and linked with a library to
produce an executable. The executable searches through its input for
occurrences of the regular expressions. When a match is found, it
executes the corresponding C code. Flex was designed to work with
both Yacc and Bison, and is used by many programs as part of their
build process.

You should install flex if you are going to use your system for
application development.

Update Information:

Change type for num_to_read from yy_size_t to int.

[ 1 ] Bug #1360743 - CVE-2016-6354 flex: buffer overflow in generated code

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade flex' at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Unterstützer werden
Neue Nachrichten