CVE-2018-20230

An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

packagechannelchannel versionpkg versionstatus
pspp
nixos-20.03
2020-03-28 16:50:34 UTC (b0c285)1.2.0vulnerable
2020-03-28 01:25:31 UTC (85055b)1.2.0vulnerable
2020-03-26 22:10:38 UTC (3a009b)1.2.0vulnerable
2020-03-26 18:30:23 UTC (c6839e)1.2.0vulnerable
2020-03-21 08:05:45 UTC (b2935f)1.2.0vulnerable
2020-03-20 01:00:30 UTC (16dd1d)1.2.0vulnerable
2020-03-16 12:45:35 UTC (99a3d7)1.2.0vulnerable
2020-03-13 21:10:27 UTC (730453)1.2.0vulnerable
2020-03-10 15:20:40 UTC (dbacfa)1.2.0vulnerable
2020-03-10 04:00:23 UTC (da92e0)1.2.0vulnerable
2020-03-09 07:45:46 UTC (62b2bf)1.2.0vulnerable
2020-03-08 17:55:47 UTC (fb34ac)1.2.0vulnerable
2020-03-08 01:55:51 UTC (cbe553)1.2.0vulnerable
2020-03-07 19:50:24 UTC (b780ae)1.2.0vulnerable
2020-03-07 05:50:37 UTC (470731)1.2.0vulnerable
2020-03-06 07:05:18 UTC (1f99fd)1.2.0vulnerable
2020-03-05 13:35:28 UTC (08bcfe)1.2.0vulnerable
2020-03-02 16:00:33 UTC (61cc1f)1.2.0vulnerable
2020-03-02 00:30:27 UTC (ebc962)1.2.0vulnerable
2020-02-29 15:10:31 UTC (4f8bc8)1.2.0vulnerable
2020-02-28 22:00:25 UTC (89536c)1.2.0vulnerable
2020-02-28 09:40:24 UTC (a2bb25)1.2.0vulnerable
2020-02-27 23:50:30 UTC (f82333)1.2.0vulnerable
2020-02-27 05:40:34 UTC (be346a)1.2.0vulnerable
2020-02-27 04:10:22 UTC (8d49eb)1.2.0vulnerable
2020-02-24 16:25:25 UTC (68df00)1.2.0vulnerable
2020-02-23 18:10:20 UTC (04aca9)1.2.0vulnerable
2020-02-23 13:45:26 UTC (153baa)1.2.0vulnerable
2020-02-22 17:35:41 UTC (d31e38)1.2.0vulnerable
2020-02-20 11:25:36 UTC (71be72)1.2.0vulnerable
nixos-unstable
2020-02-28 00:35:20 UTC (57f2ea)1.2.0vulnerable
2020-02-26 17:55:29 UTC (55beed)1.2.0vulnerable
2020-02-25 22:00:40 UTC (d363be)1.2.0vulnerable
2020-02-25 01:05:18 UTC (398929)1.2.0vulnerable
2020-02-22 13:35:28 UTC (ea79a8)1.2.0vulnerable
2020-02-22 08:50:39 UTC (1ddb14)1.2.0vulnerable
2020-02-20 13:50:20 UTC (e2b4ab)1.2.0vulnerable