CVE-2017-12958 There is an illegal address access in the function output_hex() in data/data-out.c of the libpspp library in GNU PSPP 0.11.0 that will lead to remote denial of service. https://bugzilla.redhat.com/show_bug.cgi?id=1482429 CVE-2017-12959 There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP 0.11.0 that will lead to a remote denial of service attack. https://bugzilla.redhat.com/show_bug.cgi?id=1482432 CVE-2017-12960 There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP 0.11.0 that will lead to remote denial of service. https://bugzilla.redhat.com/show_bug.cgi?id=1482433 CVE-2017-12961 There is an assertion abort in the function parse_attributes() in data/sys-file-reader.c of the libpspp library in GNU PSPP 0.11.0 that will lead to remote denial of service. https://bugzilla.redhat.com/show_bug.cgi?id=1482436
Created pspp tracking bugs for this issue: Affects: fedora-all [bug 1487217]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.