Stay Vigilant with Timely Linux Security Advisories

security advisoryfedoraupdate

Fedora 44 pspp Low Priority Fixes for DoS 2026-e153173659 Issues

Fix several low-priority CVEs Build with new Gnulib. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-e153173659 2026-04-25 01:21:36.171409+00:00 -------------------------------------------------------------------------------- Name : pspp Product : Fedora 44 Version : 2.1.1 Release : 5.fc44 URL : https://www.gnu.org/software/pspp/ Summary : A program for statistical analysis of sampled data Description : PSPP is a program for statistical analysis of sampled data. It interprets commands in the SPSS language and produces tabular output in ASCII, PostScript, or HTML format. PSPP development is ongoing. It already supports a large subset of SPSS's transformation language. Its statistical procedure support is currently limited, but growing. -------------------------------------------------------------------------------- Update Information: Fix several low-priority CVEs Build with new Gnulib -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 30 2026 Peter Lemenkov - 2.1.1-5 - Fix FTBFS * Mon Mar 30 2026 Peter Lemenkov - 2.1.1-4 - Fix bunch of low-priority CVEs * Mon Mar 23 2026 Peter Lemenkov - 2.1.1-3 - Fix for a recent gnulib * Tue Mar 10 2026 Peter Lemenkov - 2.1.1-2 - Clarify how to get Smake file -------------------------------------------------------------------------------- References: [ 1 ] Bug #2364045 - CVE-2025-47229 pspp: denial of service via crafted input data in pspp [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2364045 [ 2 ] Bug #2365598 - CVE-2025-47815 pspp: PSPP: Heap Buffer Overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2365598 [ 3 ] Bug #2365601 - CVE-2025-47814 pspp: PSPP: Heap Buffer Overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2365601 [ 4 ] Bug #2367194 - CVE-2025-48188 pspp: Heap Buffer Over-Read in PSPPrijndaelDecrypt Function [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2367194 [ 5 ] Bug #2367692 - CVE-2025-5001 pspp: GNU PSPP pspp-convert.c calloc integer overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2367692 [ 6 ] Bug #2371375 - CVE-2025-5898 pspp: GNU PSPP pspp-convert.c parse_variables_option out-of-bounds write [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2371375 [ 7 ] Bug #2371378 - CVE-2025-5899 pspp: GNU PSPP pspp-convert.c parse_variables_option free of memory not on the heap [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2371378 [ 8 ] Bug #2385429 - pspp: FTBFS in Fedora rawhide/f43 https://bugzilla.redhat.com/show_bug.cgi?id=2385429 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e153173659' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Several low-priority fixes for PSPP in Fedora 44 enhance security and software performance.. Fedora 44update PSPP security patch, low-priority vulnerabilities, PSPP software security. . Severity: Low. LinuxSecurity.com Team

Apr 25, 2026 •Low Fedora

security advisorydenial of servicefedora

Fedora 43 PSPP Low Denial of Service Buffer Overflow Alert 2026-7b2964fc42

Fix several low-priority CVEs Build with new Gnulib. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-7b2964fc42 2026-04-08 00:52:24.173305+00:00 -------------------------------------------------------------------------------- Name : pspp Product : Fedora 43 Version : 2.1.1 Release : 5.fc43 URL : https://www.gnu.org/software/pspp/ Summary : A program for statistical analysis of sampled data Description : PSPP is a program for statistical analysis of sampled data. It interprets commands in the SPSS language and produces tabular output in ASCII, PostScript, or HTML format. PSPP development is ongoing. It already supports a large subset of SPSS's transformation language. Its statistical procedure support is currently limited, but growing. -------------------------------------------------------------------------------- Update Information: Fix several low-priority CVEs Build with new Gnulib -------------------------------------------------------------------------------- ChangeLog: * Mon Mar 30 2026 Peter Lemenkov - 2.1.1-5 - Fix FTBFS * Mon Mar 30 2026 Peter Lemenkov - 2.1.1-4 - Fix bunch of low-priority CVEs * Mon Mar 23 2026 Peter Lemenkov - 2.1.1-3 - Fix for a recent gnulib * Tue Mar 10 2026 Peter Lemenkov - 2.1.1-2 - Clarify how to get Smake file * Sat Mar 7 2026 Peter Lemenkov - 2.1.1-1 - PSPP ver. 2.1.1 * Thu Mar 5 2026 Peter Lemenkov - 2.1.0-1 - PSPP ver. 2.1.0 * Mon Mar 2 2026 Peter Lemenkov - 2.0.1-11 - Fix build with more recent gettext * Thu Feb 12 2026 Peter Lemenkov - 2.0.1-10 - Address CVE-2025-47229 * Sat Jan 17 2026 Fedora Release Engineering - 2.0.1-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jul 25 2025 Fedora Release Engineering - 2.0.1-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Tue May 13 2025 Yaakov Selkowitz - 2.0.1-7 - Fix flatpakbuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2364045 - CVE-2025-47229 pspp: denial of service via crafted input data in pspp [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2364045 [ 2 ] Bug #2365598 - CVE-2025-47815 pspp: PSPP: Heap Buffer Overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2365598 [ 3 ] Bug #2365601 - CVE-2025-47814 pspp: PSPP: Heap Buffer Overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2365601 [ 4 ] Bug #2367194 - CVE-2025-48188 pspp: Heap Buffer Over-Read in PSPP rijndaelDecrypt Function [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2367194 [ 5 ] Bug #2367692 - CVE-2025-5001 pspp: GNU PSPP pspp-convert.c calloc integer overflow [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2367692 [ 6 ] Bug #2371375 - CVE-2025-5898 pspp: GNU PSPP pspp-convert.c parse_variables_option out-of-bounds write [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2371375 [ 7 ] Bug #2371378 - CVE-2025-5899 pspp: GNU PSPP pspp-convert.c parse_variables_option free of memory not on the heap [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2371378 [ 8 ] Bug #2385429 - pspp: FTBFS in Fedora rawhide/f43 https://bugzilla.redhat.com/show_bug.cgi?id=2385429 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-7b2964fc42' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Fix for low-priority security issues in Fedora 43's PSPP. Ensure your system's safety by updating now.. Fedora 43 PSPP security issues, update PSPP on Fedora, statistical analysis software security. . Severity: Low. LinuxSecurity.com Team

Apr 08, 2026 •Low Fedora

security advisoryFedorasoftware fix

Fedora 36: FEDORA-2022-ad61bb0c42 Critical: Pspp Heap Overflow

Fix for CVE-2022-39831, CVE-2022-39831. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-ad61bb0c42 2022-09-15 01:53:23.998965 --------------------------------------------------------------------------------Name : pspp Product : Fedora 36 Version : 1.6.2 Release : 4.fc36 URL : Summary : A program for statistical analysis of sampled data Description : PSPP is a program for statistical analysis of sampled data. It interprets commands in the SPSS language and produces tabular output in ASCII, PostScript, or HTML format. PSPP development is ongoing. It already supports a large subset of SPSS's transformation language. Its statistical procedure support is currently limited, but growing. --------------------------------------------------------------------------------Update Information: Fix for CVE-2022-39831, CVE-2022-39831 --------------------------------------------------------------------------------ChangeLog: * Tue Aug 23 2022 Mamoru TASAKA - 1.6.2-3 - Rebuild for gsl-2.7.1 * Fri Jul 22 2022 Fedora Release Engineering - 1.6.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild --------------------------------------------------------------------------------References: [ 1 ] Bug #2124265 - CVE-2022-39831 pspp: heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2124265 [ 2 ] Bug #2124267 - CVE-2022-39832 pspp: heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2124267 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-ad61bb0c42' at the command line. For more information, refer to the dnf documentation availableat https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Fedora has issued a security update to fix the serious heap overflow vulnerability in PSPP. Users should update to the latest package to ensure system stability and protect against exploits. Fedora Security Update, Pspp Software Fix, Heap Overflow Advisory, Software Maintenance. . Severity: Critical. LinuxSecurity.com Team

Sep 14, 2022 •Critical Fedora

security advisoryfedorabuffer overflow

Fedora 37 PSPP Update: Critical Severity Buffer Overflow Fix

Fix for CVE-2022-39831, CVE-2022-39831. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-629b1e8b81 2022-09-14 00:18:15.238856 --------------------------------------------------------------------------------Name : pspp Product : Fedora 37 Version : 1.6.2 Release : 4.fc37 URL : Summary : A program for statistical analysis of sampled data Description : PSPP is a program for statistical analysis of sampled data. It interprets commands in the SPSS language and produces tabular output in ASCII, PostScript, or HTML format. PSPP development is ongoing. It already supports a large subset of SPSS's transformation language. Its statistical procedure support is currently limited, but growing. --------------------------------------------------------------------------------Update Information: Fix for CVE-2022-39831, CVE-2022-39831 --------------------------------------------------------------------------------ChangeLog: * Tue Aug 23 2022 Mamoru TASAKA - 1.6.2-3 - Rebuild for gsl-2.7.1 --------------------------------------------------------------------------------References: [ 1 ] Bug #2124265 - CVE-2022-39831 pspp: heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2124265 [ 2 ] Bug #2124267 - CVE-2022-39832 pspp: heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2124267 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-629b1e8b81' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More detailson the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Important enhancement for pspp in Fedora 37 resolves buffer vulnerability problems, improving both security and functionality.. Fedora Update,Fedora 37 Security,pspp Update,Buffer Overflow Fix. . Severity: Critical. LinuxSecurity.com Team

Sep 13, 2022 •Critical Fedora

security advisorymoderatedenial of service

openSUSE: 2019:1228-1 Moderate: pspp Denial of Service Fix

An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for pspp ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1228-1 Rating: moderate References: #1127343 Cross-References: CVE-2019-9211 Affected Products: openSUSE Backports SLE-15 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for pspp fixes the following issues: - CVE-2019-9211: Handle a reachable assertion in write_long_string_missing_values() in libdata.a that could have lead to denial of service. (boo#1127343). - Remove excessive -n argument to %build, and excessive %defattr lines. This update was imported from the openSUSE:Leap:15.0:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15: zypper in -t patch openSUSE-2019-1228=1 Package List: - openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64): pspp-1.2.0-bp150.3.6.1 pspp-devel-1.2.0-bp150.3.6.1 References: https://www.suse.com/security/cve/CVE-2019-9211.html https://bugzilla.suse.com/1127343 -- . This Ubuntu patch resolves a low-level security concern in gimp. Make sure to download the latest version now!. openSUSE Update, pspp Security Fix, Denial of Service, Backports SLE-15. . LinuxSecurity.com Team

Apr 17, 2019 OpenSUSE

security advisoryupdatebuffer overflow

Fedora 29: 2019-817ff2201f Critical: PSPP Buffer Overflow And DoS

* Fixed several CVEs ---- * PSPP ver. 1.2.0. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-817ff2201f 2019-04-06 19:42:42.476727 --------------------------------------------------------------------------------Name : pspp Product : Fedora 29 Version : 1.2.0 Release : 2.fc29 URL : Summary : A program for statistical analysis of sampled data Description : PSPP is a program for statistical analysis of sampled data. It interprets commands in the SPSS language and produces tabular output in ASCII, PostScript, or HTML format. PSPP development is ongoing. It already supports a large subset of SPSS's transformation language. Its statistical procedure support is currently limited, but growing. --------------------------------------------------------------------------------Update Information: * Fixed several CVEs ---- * PSPP ver. 1.2.0 --------------------------------------------------------------------------------ChangeLog: * Thu Mar 28 2019 Peter Lemenkov - 1.2.0-2 - https://bugzilla.redhat.com/show_bug.cgi?id=1660318 (CVE-2018-20230) - https://bugzilla.redhat.com/show_bug.cgi?id=1683499 - https://bugzilla.redhat.com/show_bug.cgi?id=1684372 (CVE-2019-9211) - https://bugzilla.redhat.com/show_bug.cgi?id=1668144 * Thu Mar 21 2019 Peter Lemenkov - 1.2.0-1 - Ver. 1.2.0 * Sun Feb 17 2019 Igor Gnatenko - 1.0.1-9 - Rebuild for readline 8.0 * Sat Feb 2 2019 Fedora Release Engineering - 1.0.1-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Fri Sep 28 2018 Peter Lemenkov - 1.0.1-7 - Added missing test dependency - perl(Text::Diff) * Thu Sep 27 2018 Peter Lemenkov - 1.0.1-6 - Fixed two bugs (1470704, 1470708) --------------------------------------------------------------------------------References: [ 1 ] Bug #1668144 - An issue was discovered in pspp 1.2.0. There is a buffer overflow at function text_parse_counted_string. https://bugzilla.redhat.com/show_bug.cgi?id=1668144 [ 2 ] Bug #1683499 - There is a reachable assertion abort in the function write_long_string_missing_values() in sys-file-writer.c of the libpspp library in GNU PSPP 1.2.0 that will lead to denial of service. https://bugzilla.redhat.com/show_bug.cgi?id=1683499 [ 3 ] Bug #1684372 - CVE-2019-9211 pspp: reachable assertion abort in function write_long_string_missing_values() in data/sys-file-writer.c lead to denial of service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1684372 [ 4 ] Bug #1660318 - There is a buffer overflow at function read_bytes_internal in pspp 1.2.0. https://bugzilla.redhat.com/show_bug.cgi?id=1660318 [ 5 ] Bug #1675689 - pspp: FTBFS in Fedora rawhide/f30 https://bugzilla.redhat.com/show_bug.cgi?id=1675689 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-817ff2201f' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . PSPP has implemented a vital security patch addressing multiple vulnerabilities, such as memory corruption and DDoS risks. Learn more today!. Fedora Update, PSPP Threat Analysis, SecurityNotification. . Severity: Critical. LinuxSecurity.com Team

Apr 06, 2019 •Critical Fedora

security advisorydenial of servicebuffer overflow

Fedora 30 - FEDORA-2019-6dcb6b21de Critical: pspp Denial of Service

* Fixed several CVEs. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-6dcb6b21de 2019-04-03 00:38:52.062758 --------------------------------------------------------------------------------Name : pspp Product : Fedora 30 Version : 1.2.0 Release : 2.fc30 URL : Summary : A program for statistical analysis of sampled data Description : PSPP is a program for statistical analysis of sampled data. It interprets commands in the SPSS language and produces tabular output in ASCII, PostScript, or HTML format. PSPP development is ongoing. It already supports a large subset of SPSS's transformation language. Its statistical procedure support is currently limited, but growing. --------------------------------------------------------------------------------Update Information: * Fixed several CVEs --------------------------------------------------------------------------------References: [ 1 ] Bug #1668144 - An issue was discovered in pspp 1.2.0. There is a buffer overflow at function text_parse_counted_string. https://bugzilla.redhat.com/show_bug.cgi?id=1668144 [ 2 ] Bug #1683499 - There is a reachable assertion abort in the function write_long_string_missing_values() in sys-file-writer.c of the libpspp library in GNU PSPP 1.2.0 that will lead to denial of service. https://bugzilla.redhat.com/show_bug.cgi?id=1683499 [ 3 ] Bug #1684372 - CVE-2019-9211 pspp: reachable assertion abort in function write_long_string_missing_values() in data/sys-file-writer.c lead to denial of service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1684372 [ 4 ] Bug #1660318 - There is a buffer overflow at function read_bytes_internal in pspp 1.2.0. https://bugzilla.redhat.com/show_bug.cgi?id=1660318 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade--advisory FEDORA-2019-6dcb6b21de' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Essential patches resolve numerous vulnerabilities in pspp for Fedora 30, enhancing both stability and defenses against DoS threats.. Pspp Update,Fedora Security,Statistical Analysis Software,Buffer Overflow Fix. . Severity: Critical. LinuxSecurity.com Team

Apr 02, 2019 •Critical Fedora

security advisorymoderatedenial of service

openSUSE: 2019:0240-1 Moderate: Buffer Overflow in pspp

An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for pspp, spread-sheet-widget ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:0240-1 Rating: moderate References: #1120061 Cross-References: CVE-2018-20230 Affected Products: openSUSE Backports SLE-15 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for pspp to version 1.2.0 fixes the following issues: Security issue fixed: - CVE-2018-20230: Fixed a heap-based buffer overflow in read_bytes_internal function that could lead to denial-of-service (bsc#1120061). Other bug fixes and changes: - Add upstream patch to avoid compiling with old Texinfo 4.13. - New experimental command SAVE DATA COLLECTION to save MDD files. - MTIME and YMDHMS variable formats now supported. - Spread sheet rendering now done via spread-sheet-widget. This update introduces a new package called spread-sheet-widget as dependency. This update was imported from the openSUSE:Leap:15.0:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15: zypper in -t patch openSUSE-2019-240=1 Package List: - openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64): libspread-sheet-widget0-0.3-bp150.2.1 libspread-sheet-widget0-debuginfo-0.3-bp150.2.1 pspp-1.2.0-bp150.3.3.1 pspp-devel-1.2.0-bp150.3.3.1 spread-sheet-widget-debugsource-0.3-bp150.2.1 spread-sheet-widget-devel-0.3-bp150.2.1 References: https://www.suse.com/security/cve/CVE-2018-20230.html https://bugzilla.suse.com/1120061 -- . New releasefor openSUSE addressing a critical buffer overflow issue in pspp, now requiring spread-sheet-widget as an additional dependency.. openSUSE Security Update, pspp Update, spread-sheet-widget Dependency, Buffer Overflow Fix. . LinuxSecurity.com Team

Feb 25, 2019 OpenSUSE

Community Poll

More Polls

Stay Secure with the Latest Linux Advisories

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

Fedora 44 pspp Low Priority Fixes for DoS 2026-e153173659 Issues

Fedora 43 PSPP Low Denial of Service Buffer Overflow Alert 2026-7b2964fc42

Fedora 36: FEDORA-2022-ad61bb0c42 Critical: Pspp Heap Overflow

Fedora 37 PSPP Update: Critical Severity Buffer Overflow Fix

openSUSE: 2019:1228-1 Moderate: pspp Denial of Service Fix

Fedora 29: 2019-817ff2201f Critical: PSPP Buffer Overflow And DoS

Fedora 30 - FEDORA-2019-6dcb6b21de Critical: pspp Denial of Service

openSUSE: 2019:0240-1 Moderate: Buffer Overflow in pspp

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!