[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2720-1] aspell security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2720-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
July 26, 2021                                 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : aspell
Version        : 0.60.7~20110707-3+deb9u1
CVE ID         : CVE-2019-17544 CVE-2019-25051


Two issue have been found in aspell, the GNU Aspell spell-checker.
One issue is related to a stack-based buffer over-read via an isolated \ character when processing a configuration file. 
The other issue is related to a heap-based buffer overflow.


For Debian 9 stretch, these problems have been fixed in version
0.60.7~20110707-3+deb9u1.

We recommend that you upgrade your aspell packages.

For the detailed security status of aspell please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/aspell

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmD93+NfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEfwORAAiJX6THHLiimgG2ATi+lerAe2cYsnB4AvXn/CHQQ3RmQrBXkOoNG98H7Z
kLZFL0Zju4TgLrrM57b1SttTXL2aIg8KTOyb6AYgK1Ix2TW5IO6XGq3oPhDK0mUk
IbyoRZH+K/xTrhPBAQe+ZtTYoWe0XZdfYrhFKszfp3whSuJuNuhlHI/JYqeeu9tn
oSp/onj3fWK2VDxeoDmI5MUX8nb3QoAxht3OjihLgSYSN9IIbsZDOf4vy5BlBlSK
1pW8+4CDftWI4++nhuoUrb7jtuk4djtR9oqvx+kZ2mFuUWVgKFtXo6Z0YtQ5bHLp
LSqR+Yrw9JgspDXFLrozZaKkEVhoOEF23m55zxDEV23m9jTIrP+ddHy1l5WARuEz
xvmsy4coDPw7NomvGfPDbFZSA8SHrL8kgx5ILX5zoqYqPcqTsZDTWxnwH19r1TVA
M9pjD3GxuC0W/i6OhcAGJNo6n00SuRY+n1IlFNXC3Q/cQuVL2qrE4JlJyLFRIfZu
XJrxOVf7CHOYn0uDUwh2OmUeeGorW2lbouRNbJ+id+rdRVdnAw3XCYEFsZY4CYAp
8D6tw1Qd8ICn21Gc+ogLMW1MPHzWUCZnoFAx3yy/k/ayescZccvBt5vtfKsp//Dk
NU9nRqFj9GZPHNxsEOV0WPBpgQeKMjLWE6yOlrdaxFcsalO4HO4=
=iLNe
-----END PGP SIGNATURE-----
Reply to: