openSUSE Security Update : flex / at / libbonobo / etc (openSUSE-2016-1155)

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

Various packages included vulnerable parsers generated by 'flex'.

This update provides a fixed 'flex' package and also rebuilds of
packages that might have security issues caused by the auto generated

Flex itself was updated to fix a buffer overflow in the generated
scanner (bsc#990856, CVE-2016-6354)

Packages that were rebuilt with the fixed flex :

- at

- libbonobo

- netpbm

- openslp

- sgmltool

- virtuoso

Some more packages might also need to be rebuild to receive a new flex
parser, but will be released later.

This update was imported from the SUSE:SLE-12:Update update project.

See also :

Solution :

Update the affected flex / at / libbonobo / etc packages.

Risk factor :

High / CVSS Base Score : 7.5

Family: SuSE Local Security Checks

Nessus Plugin ID: 93855 ()

Bugtraq ID:

CVE ID: CVE-2016-6354

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now