Fedora 36: 2022-81110193e5 Moderate: Liblouis Buffer Overflow Fixed

Liblouis is an open-source braille translator and back-translator named in

honor of Louis Braille. It features support for computer and literary braille,

supports contracted and uncontracted translation for many languages and has

support for hyphenation. New languages can easily be added through tables that

support a rule- or dictionary based approach. Liblouis also supports math

braille (Nemeth and Marburg).

Liblouis has features to support screen-reading programs. This has led to its

use in two open-source screen readers, NVDA and Orca. It is also used in some

commercial assistive technology applications for example by ViewPlus.

Liblouis is based on the translation routines in the BRLTTY screen reader for

Linux. It has, however, gone far beyond these routines.

Fixes CVE-2022-26981, CVE-2022-31783, and further issues. A detailed list of

changes can be found at

* Thu Jun 9 2022 Martin Gieseking - 3.22.0-1

- Update to 3.22.0

[ 1 ] Bug #2063625 - CVE-2022-26981 liblouis: buffer overflow in compilePassOpcode

https://bugzilla.redhat.com/show_bug.cgi?id=2063625

[ 2 ] Bug #2092277 - CVE-2022-31783 liblouis: invalid memory write in compileRule() in compileTranslationTable.c

https://bugzilla.redhat.com/show_bug.cgi?id=2092277

su -c 'dnf upgrade --advisory FEDORA-2022-81110193e5' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure