Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 13 Jun 2011 14:30:44 +0200
From: Jan Lieskovsky <>
To: "Steven M. Christey" <>
        Ville-Pekka Vainio <>
Subject: CVE Request -- libvoikko -- DoS of application linked against libvoikko
 due improper handling of embedded null characters in input strings

Hello, Josh, Steve, vendors,

   A denial of service flaw was found in the way Python and Java
interfaces of libvoikko, a library for spellcheckers and hyphenators,
processed embedded null characters in input strings. If a specially-
crafted input string was provided to an application linked against
libvoikko, it could lead to that particular application termination.


Upstream patches:

Could you allocate a CVE identifier for this?

Thank you && Regards, Jan.
Jan iankko Lieskovsky / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ