diff options
| author |   GLSAMaker <glsamaker@gentoo.org> | 2024-09-24 05:10:05 +0000 |
|---|---|---|
| committer |   Hans de Graaff <graaff@gentoo.org> | 2024-09-24 07:10:17 +0200 |
| commit | 2c779560e534feedab8822557bf136147db7c305 (patch) | |
| tree | 020bd240f614f4a53387ed004fa257537f95762e | |
| parent | [ GLSA 202409-20 ] curl: Multiple Vulnerabilities (diff) | |
| download | glsa-2c779560e534feedab8822557bf136147db7c305.tar.gz glsa-2c779560e534feedab8822557bf136147db7c305.tar.bz2 glsa-2c779560e534feedab8822557bf136147db7c305.zip | |
[ GLSA 202409-21 ] Hunspell: Multiple Vulnerabilities
Bug: https://bugs.gentoo.org/866093
Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
Signed-off-by: Hans de Graaff <graaff@gentoo.org>
| -rw-r--r-- | glsa-202409-21.xml | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/glsa-202409-21.xml b/glsa-202409-21.xml new file mode 100644 index 00000000..8f68a531 --- /dev/null +++ b/glsa-202409-21.xml @@ -0,0 +1,41 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="202409-21"> + <title>Hunspell: Multiple Vulnerabilities</title> + <synopsis>Multiple vulnerabilities have been discovered in Hunspell, the worst of which could lead to arbitrary code execution.</synopsis> + <product type="ebuild">hunspell</product> + <announced>2024-09-24</announced> + <revised count="1">2024-09-24</revised> + <bug>866093</bug> + <access>local</access> + <affected> + <package name="app-text/hunspell" auto="yes" arch="*"> + <unaffected range="ge">1.7.1</unaffected> + <vulnerable range="lt">1.7.1</vulnerable> + </package> + </affected> + <background> + <p>Hunspell is the spell checker of LibreOffice, OpenOffice.org, Mozilla Firefox & Thunderbird, Google Chrome.</p> + </background> + <description> + <p>Malicious input to the hunspell spell checker could result in an application crash or other unspecified behavior.</p> + </description> + <impact type="normal"> + <p>Malicious input to the hunspell spell checker could result in an application crash or other unspecified behavior.</p> + </impact> + <workaround> + <p>There is no known workaround at this time.</p> + </workaround> + <resolution> + <p>All Hunspell users should upgrade to the latest version:</p> + + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=app-text/hunspell-1.7.1" + </code> + </resolution> + <references> + </references> + <metadata tag="requester" timestamp="2024-09-24T05:10:05.686745Z">graaff</metadata> + <metadata tag="submitter" timestamp="2024-09-24T05:10:05.693494Z">graaff</metadata> +</glsa>
\ No newline at end of file |