UbuntuUpdates.org

Package "aspell"

Name: aspell

Description:

GNU Aspell spell-checker

Latest version: 0.60.7~20110707-4ubuntu0.2
Release: bionic (18.04)
Level: security
Repository: main
Homepage: http://aspell.net/

Links


Download "aspell"


Other versions of "aspell" in Bionic

Repository Area Version
base main 0.60.7~20110707-4
updates main 0.60.7~20110707-4ubuntu0.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.60.7~20110707-4ubuntu0.2 2021-07-26 17:06:20 UTC

  aspell (0.60.7~20110707-4ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Heap based buffer overflow
    - debian/patches/CVE-2019-25051.patch: assert that the alloc size will
      fit within a chunk to prevent a buffer overflow in common/objstack.hpp.
    - CVE-2019-25051

 -- Leonidas Da Silva Barbosa <email address hidden> Thu, 22 Jul 2021 15:28:23 -0300

Source diff to previous version
CVE-2019-25051 objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config

Version: 0.60.7~20110707-4ubuntu0.1 2019-10-15 16:06:30 UTC

  aspell (0.60.7~20110707-4ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Stack-based buffer over-read
    - debian/patches/CVE-2019-17544.patch: add checks
      in common/config.cpp, common/file_util.cpp,
      common/getdata.cpp.
    - CVE-2019-17544

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 15 Oct 2019 09:12:09 -0300

CVE-2019-17544 libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character.



About   -   Send Feedback to @ubuntu_updates