USN-260-1: flex vulnerability | Ubuntu security notices

Details

Chris Moore discovered a buffer overflow in a particular class of
lexicographical scanners generated by flex. This could be exploited to
execute arbitrary code by processing specially crafted user-defined
input to an application that uses a flex scanner for parsing.

This flaw particularly affects gpc, the GNU Pascal Compiler. A
potentially remote attacker could exploit this by tricking an user or
automated system into compiling a specially crafted Pascal source code
file.

Please note that gpc is not officially supported in Ubuntu (it is in
the 'universe' component of the archive). However, this affects you if
you use a customized version built from the gcc-3.3 or gcc-3.4 source
package (which is supported).

Chris Moore discovered a buffer overflow in a particular class of
lexicographical scanners generated by flex. This could be exploited to
execute arbitrary code by processing specially crafted user-defined
input to an application that uses a flex scanner for parsing.

This flaw particularly affects gpc, the GNU Pascal Compiler. A
potentially remote attacker could exploit this by tricking an user or
automated system into compiling a specially crafted Pascal source code
file.

Please note that gpc is not officially supported in Ubuntu (it is in
the 'universe' component of the archive). However, this affects you if
you use a customized version built from the gcc-3.3 or gcc-3.4 source
package (which is supported).

Update instructions

In general, a standard system update will make all the necessary changes.

Learn more about how to get the fixes.

Ubuntu Release	Package Version
5.10 breezy	flex –
	gpc-2.1-3.4 –
	gpc-2.1-3.3 –
5.04 hoary	flex –
	gpc-2.1-3.4 –
	gpc-2.1-3.3 –
4.10 warty	flex –
	gpc-2.1-3.4 –
	gpc-2.1-3.3 –

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

CVE-2006-0459

CVE-2006-0459