Overview

File _patchinfo of Package patchinfo.5583

<patchinfo incident="5583">
  <issue id="1056097" tracker="bnc">VUL-0: CVE-2017-13740: liblouis: stack-based buffer overflow triggered in the function parseChars() in compileTranslationTable.c</issue>
  <issue id="1056095" tracker="bnc">VUL-0: CVE-2017-13741: liblouis: use-after-free in the function compileBrailleIndicator() incompileTranslationTable.c</issue>
  <issue id="1056093" tracker="bnc">VUL-1: CVE-2017-13742: liblouis: stack-based buffer overflow triggered in function includeFile() in compileTranslationTable.c</issue>
  <issue id="1056090" tracker="bnc">VUL-0: CVE-2017-13743: liblouis: buffer overflow triggered in function_lou_showString() in utils.c</issue>
  <issue id="1056101" tracker="bnc">VUL-0: CVE-2017-13739: liblouis: heap-based buffer overflow that causes out-of-bounds write triggered in function resolveSubtable()</issue>
  <issue id="1056105" tracker="bnc">VUL-0: CVE-2017-13738: liblouis:  illegal address access in the _lou_getALine function in compileTranslationTable.c:</issue>
  <issue id="1056088" tracker="bnc">VUL-0: CVE-2017-13744: liblouis: illegal address access in the function _lou_getALine() incompileTranslationTable.c</issue>
  <issue id="2017-13739" tracker="cve" />
  <issue id="2017-13738" tracker="cve" />
  <issue id="2017-13744" tracker="cve" />
  <issue id="2017-13740" tracker="cve" />
  <issue id="2017-13741" tracker="cve" />
  <issue id="2017-13743" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>mgorse</packager>
  <description>This update for liblouis fixes several issues.

These security issues were fixed:

- CVE-2017-13738: Prevent illegal address access in the _lou_getALine function that allowed to cause remote DoS (bsc#1056105).
- CVE-2017-13739: Prevent heap-based buffer overflow in the function resolveSubtable() that could have caused DoS or remote code execution (bsc#1056101).
- CVE-2017-13740: Prevent stack-based buffer overflow in the function parseChars() that could have caused DoS or possibly unspecified other impact (bsc#1056097) 
- CVE-2017-13741: Prevent use-after-free in function compileBrailleIndicator() that allowed to cause remote DoS (bsc#1056095).
- CVE_2017-13742: Prevent stack-based buffer overflow in function includeFile that allowed to cause remote DoS (bsc#1056093).
- CVE-2017-13743: Prevent buffer overflow triggered in the function _lou_showString() that allowed to cause remote DoS (bsc#1056090).
- CVE-2017-13744: Prevent illegal address access in the function _lou_getALine() that allowed to cause remote DoS (bsc#1056088).
</description>
  <summary>Security update for liblouis</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places