Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 20: FEDORA-2015-0633 Critical: Chicken Buffer Overflow

fedora
Calendar Grey April 7, 2015
Dist Fedora Esm H88
Fedora 20 has released an important update to address a buffer overflow vulnerability in chicken Scheme, as noted on Bugzilla. Users should apply this update promptly
Patches security vulnerability discussed here: https://bugzilla.redhat.com/show_bug.cgi?id=1181483 Latest upstream release

Summary

CHICKEN is a compiler for the Scheme programming language.

CHICKEN produces portable, efficient C, supports almost all of the R5RS

Scheme language standard, and includes many enhancements and extensions.

Update Information:

Patches security vulnerability discussed here: https://bugzilla.redhat.com/show_bug.cgi?id=1181483 Latest upstream release. Latest upstream release.

Topics%20covered

Topics Covered

security advisory buffer overflow Fedora update information patch chicken scheme

Change Log

* Tue Jan 13 2015 Ricky Elrod - 4.9.0.1-3 - Apply patch to work around buffer overrun: https://bugzilla.redhat.com/show_bug.cgi?id=1181483 * Sat Aug 16 2014 Fedora Release Engineering - 4.9.0.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Thu Aug 7 2014 Ricky Elrod - 4.9.0.1-1 - Latest upstream release. * Sat Jun 7 2014 Ricky Elrod - 4.9.0-4 - Rebuild from previous bootstrap. * Sat Jun 7 2014 Ricky Elrod - 4.9.0-3 - Bootstrap for el7. * Sat Jun 7 2014 Fedora Release Engineering - 4.9.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed Jun 4 2014 Ricky Elrod - 4.9.0-1 - Latest upstream release. * Tue May 20 2014 Ricky Elrod - 4.8.0.6-2 - Patch for CVE-2014-3776. * Thu Apr 24 2014 Ricky Elrod - 4.8.0.6-1 - Upstream 4.8.0.6. * Sat Dec 14 2013 Ricky Elrod - 4.8.0.5-3 - Get rid of docs subpackage. - Add a -libs subpackage for the runtime library. * Sun Dec 8 2013 Ricky Elrod - 4.8.0.5-2 - Add -Wformat for BZ #1037013. * Sun Nov 24 2013 Ricky Elrod - 4.8.0.5-1 - Upstream 4.8.0.5. * Fri Sep 27 2013 Ricky Elrod - 4.8.0.4-4 - Add upstream patch for CVE-2013-4385, until 4.8.0.5 is released.

References


[ 1 ] Bug #1181483 - chicken: buffer overflow vulnerability in CHICKEN Scheme's substring-index[-ci] procedures https://bugzilla.redhat.com/show_bug.cgi?id=1181483

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update chicken' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: chicken
Product: Fedora 20
Version: 4.9.0.1
Release: 3.fc20
URL: http://call-cc.org
Summary: A practical and portable Scheme system

Topics%20covered

Topics Covered

security advisory buffer overflow Fedora update information patch chicken scheme

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here