Download
| Alert*
oval:org.secpod.oval:def:111730
The flex program generates scanners. Scanners are programs which can recognize lexical patterns in text. Flex takes pairs of regular expressions and C code as input and generates a C source file as output. The output file is compiled and linked with a library to produce an executable. The executable ... oval:org.secpod.oval:def:89044565 Wireshark was updated to version 2.2.6, which brings several new features, enhancements and bug fixes. Thses security issues were fixed: - CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netsca ... oval:org.secpod.oval:def:111176 The flex program generates scanners. Scanners are programs which can recognize lexical patterns in text. Flex takes pairs of regular expressions and C code as input and generates a C source file as output. The output file is compiled and linked with a library to produce an executable. The executable ... oval:org.secpod.oval:def:1800560 flex incorrectly resized the num_to_read variable in yy_get_next_buffer. The buffer is resized if this value is less or equal to zero. With special crafted input it is possible, that the buffer is not resized if the input is larger than the default buffer size of 16k. This allows a heap buffer overf ... oval:org.secpod.oval:def:602596 Alexander Sulfrian discovered a buffer overflow in the yy_get_next_buffer function generated by Flex, which may result in denial of service and potentially the execution of code if operating on data from untrusted sources. Affected applications need to be rebuild. bogofilter will be rebuild against ... oval:org.secpod.oval:def:602606 It was reported that the update for flex as released in DSA-3653-1 did not completely address CVE-2016-6354 as intended due to problems in the patch handling and regenerated files during the build. Additionally a regression was introduced, causing new warnings when compiling flex generated code. Upd ... oval:org.secpod.oval:def:400813 MozillaFirefox was updated to 45.3.0 ESR to fix the following issues : * MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 Miscellaneous memory safety hazards * MFSA 2016-63/CVE-2016-2830 Favicon network connection can persist when page is closed * MFSA 2016-64/CVE-2016-2838 Buffer overflow rendering SVG wi ... oval:org.secpod.oval:def:89045348 MozillaFirefox was updated to 45.3.0 ESR to fix the following issues : * MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 Miscellaneous memory safety hazards * MFSA 2016-63/CVE-2016-2830 Favicon network connection can persist when page is closed * MFSA 2016-64/CVE-2016-2838 Buffer overflow rendering SVG wi ... |