Sicherheit: Überschreiben von Dateien in python-nltk
Aktuelle Meldungen Distributionen
Name: Überschreiben von Dateien in python-nltk
ID: openSUSE-SU-2020:0440-1
Distribution: SUSE
Plattformen: SUSE openSUSE Backports SLE-15-SP1
Datum: Mi, 1. April 2020, 22:31
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14751
Applikationen: python-nltk


   openSUSE Security Update: Security update for python-nltk

Announcement ID: openSUSE-SU-2020:0440-1
Rating: moderate
References: #1146427
Cross-References: CVE-2019-14751
Affected Products:
openSUSE Backports SLE-15-SP1

An update that fixes one vulnerability is now available.


This update for python-nltk fixes the following issues:

Update to 3.4.5 (boo#1146427, CVE-2019-14751):

* CVE-2019-14751: Fixed Zip slip vulnerability in downloader for the
unlikely situation where a user configures their downloader to use a
compromised server (boo#1146427)

Update to 3.4.4:

* fix bug in plot function (probability.py)
* add improved PanLex Swadesh corpus reader
* add Text.generate()
* add QuadgramAssocMeasures
* add SSP to tokenizers
* return confidence of best tag from AveragedPerceptron
* make plot methods return Axes objects
* don't require list arguments to PositiveNaiveBayesClassifier.train
* fix Tree classes to work with native Python copy library
* fix inconsistency for NomBank
* fix random seeding in LanguageModel.generate
* fix ConditionalFreqDist mutation on tabulate/plot call
* fix broken links in documentation
* fix misc Wordnet issues
* update installation instructions

Version update to 3.4.1:

* add chomsky_normal_form for CFGs
* add meteor score
* add minimum edit/Levenshtein distance based alignment function
* allow access to collocation list via text.collocation_list()
* support corenlp server options
* drop support for Python 3.4
* other minor fixes

Update to v3.4:

* Support Python 3.7
* New Language Modeling package
* Cistem Stemmer for German
* Support Russian National Corpus incl POS tag model
* Krippendorf Alpha inter-rater reliability test
* Comprehensive code clean-ups
* Switch continuous integration from Jenkins to Travis

Updated to v3.3:

* Support Python 3.6
* New interface to CoreNLP
* Support synset retrieval by sense key
* Minor fixes to CoNLL Corpus Reader
* AlignedSent
* Fixed minor inconsistencies in APIs and API documentation
* Better conformance to PEP8
* Drop Moses Tokenizer (incompatible license)

This update was imported from the openSUSE:Leap:15.1:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended
installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP1:

zypper in -t patch openSUSE-2020-440=1

Package List:

- openSUSE Backports SLE-15-SP1 (noarch):




To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux @Facebook
Neue Nachrichten