Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 591
Alerts This Week
Warning Icon 1 591

Fedora 39 Critical Fix: Polymake Buffer Overrun CVE-2023-47038

fedora
Calendar Grey December 6, 2023
Dist Fedora Esm H88
A critical security fix for Polymake addresses CVE-2023-47038 to strengthen system integrity in Fedora 39.
Security fix for CVE-2023-47038

Summary

Polymake is a tool to study the combinatorics and the geometry of convex

polytopes and polyhedra. It is also capable of dealing with simplicial

complexes, matroids, polyhedral fans, graphs, tropical objects, and so

forth.

Polymake can use various computational packages if they are installed.

Those available from Fedora are: 4ti2, azove, gfan, latte-integrale,

normaliz, qhull, Singular, TOPCOM, and vinci.

Polymake can interface with various visualization packages if they are

installed. Install one or more of the tools from the following list:

evince, geomview, graphviz, gv, and okular.

Update Information:

Security fix for CVE-2023-47038

Change Log

* Thu Nov 30 2023 Jitka Plesnikova - 4.11-2 - Rebuild for perl 5.38.2

References


[ 1 ] Bug #2251622 - CVE-2023-47038 perl: Write past buffer end via illegal user-defined Unicode property [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2251622

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-c67f4dbf13' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: polymake
Product: Fedora 39
Version: 4.11
Release: 2.fc39
Summary: Algorithms on convex polytopes and polyhedra

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.