INFSA-2023:6385: liblouis security update
Information about definition
Identificator: INFSA-2023:6385
Type: security
Release date: 2025-03-05 17:38:04 UTC
Information about package
Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. It features support for computer and literary braille, supports contracted and uncontracted translation for many languages and has support for hyphenation. New languages can easily be added through tables that support a rule or dictionary based approach. Liblouis also supports math braille (Nemeth and Marburg).
Vulnerabilities description
- CVE-2023-26767
Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the lou_logFile function at logginc.c endpoint.
- CVE-2023-26768
Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the compileTranslationTable.c and lou_setDataPath functions.
- CVE-2023-26769
Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable function at compileTranslationTabel.c.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2023-26767
|
no information | 7.5 | no information |
|
NIST — CVE-2023-26768
|
no information | 7.5 | no information |
|
NIST — CVE-2023-26769
|
no information | 7.5 | no information |
Updated packages