You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa flex

Sigurnosni nedostatak programskog paketa flex

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2016-08-08 17:18:39.593649

Name : flex
Product : Fedora 24
Version : 2.6.0
Release : 2.fc24
Summary : A tool for creating scanners (text pattern recognizers)
Description :
The flex program generates scanners. Scanners are programs which can
recognize lexical patterns in text. Flex takes pairs of regular
expressions and C code as input and generates a C source file as
output. The output file is compiled and linked with a library to
produce an executable. The executable searches through its input for
occurrences of the regular expressions. When a match is found, it
executes the corresponding C code. Flex was designed to work with
both Yacc and Bison, and is used by many programs as part of their
build process.

You should install flex if you are going to use your system for
application development.

Update Information:

Change type for num_to_read from yy_size_t to int.

[ 1 ] Bug #1360743 – CVE-2016-6354 flex: buffer overflow in generated code (yy_get_next_buffer)

This update can be installed with the “yum” update program. Use
su -c ‘yum update flex’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorMarko Stanec
Cert idNCERT-REF-2016-08-0046-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa fontconfig

Otkriven je sigurnosni nedostatak u programskom paketu fontconfig za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izvršavanje proizvoljnog programskog...