Security update for flex, at, libbonobo, netpbm, openslp, sgmltool, virtuoso
Various packages included vulnerable parsers generated by "flex".
This update provides a fixed "flex" package and also rebuilds of packages
that might have security issues caused by the auto generated code.
Flex itself was updated to fix a buffer overflow in the generated scanner
Packages that were rebuilt with the fixed flex:
Some more packages might also need to be rebuild to receive a new flex parser, but will be released later.
This update was imported from the SUSE:SLE-12:Update update project.
- Submitted by Michal Marek (michal-m)
VUL-1: CVE-2016-6354: flex,flex-old: buffer overflow in generated code (yy_get_next_buffer)