File _patchinfo of Package patchinfo.7209

<patchinfo incident="7209">
  <issue id="1054588" tracker="bnc">VUL-0: CVE-2017-12959: pspp: There is a reachable assertion abort in  function dict_add_mrset()  of libpspp.</issue>
  <issue id="1054586" tracker="bnc">VUL-0: CVE-2017-12961: pspp: There is an assertion abort in function parse_attributes() of libpspp</issue>
  <issue id="1054587" tracker="bnc">VUL-0: CVE-2017-12960: pspp: There is an assertion abort in function dict_rename_var() of libpspp.</issue>
  <issue id="1054585" tracker="bnc">VUL-0: CVE-2017-12958: pspp: There is an illegal address access in function output_hex() of libpspp.</issue>
  <issue id="2017-12961" tracker="cve" />
  <issue id="2017-12959" tracker="cve" />
  <issue id="2017-12958" tracker="cve" />
  <issue id="2017-12960" tracker="cve" />
  <issue id="2017-10792" tracker="cve" />
  <issue id="2017-10791" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>embar-</packager>
  <description>This update for pspp fixes the following issues:

- CVE-2017-12958: Illegal address access in function output_hex() could lead to denial of service or unexpected state (boo#1054585) 
- CVE-2017-12959: Assertion in function dict_add_mrset() could lead to denial of service (boo#1054588)
- CVE-2017-12960: Assertion in function dict_rename_var() could lead to denial of service (boo#1054587)
- CVE-2017-12961: Assertion in function parse_attributes() could lead to denial of service (boo#1054586)

</description>
  <summary>Security update for pspp</summary>
</patchinfo>
openSUSE Build Service is sponsored by