Fedora has issued an advisory on November 18: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UD4AJ4M74VT3I6L37E4P5DNYZYBZIOVM/ Mageia 7 is also affected.
Whiteboard: (none) => MGA7TOO
Assigning globally; CC Shlomi as the last maintainer.
Assignee: bugsquad => pkg-bugsCC: (none) => shlomif
Done for both Cauldron and mga7!
CC: (none) => geiger.david68210
Advisory: ======================== Updated hunspell packages fix security vulnerability: Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx (CVE-2019-16707). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16707 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UD4AJ4M74VT3I6L37E4P5DNYZYBZIOVM/ ======================== Updated packages in core/updates_testing: ======================== hunspell-1.7.0-1.1.mga7 libhunspell1.7_0-1.7.0-1.1.mga7 libhunspell-devel-1.7.0-1.1.mga7 from hunspell-1.7.0-1.1.mga7.src.rpm
Whiteboard: MGA7TOO => (none)Version: Cauldron => 7Assignee: pkg-bugs => qa-bugs
64-bit Plasma system. Packages installed cleanly, using the qarepo tool. Checked Libreoffice Writer, and it uses hunspell for spell checking. Opened a new document, typed in several misspelled words, all of which were identified. Hunspell did not offer the correct spelling for one, but that one was so badly misspelled that it isn't surprising. Just to confirm that hunspell was being used, I went into the Writer option and unchecked the "Use Hunspell" box. That turned spellcheck off altogether. This one looks OK for 64-bit. Validating. Advisory in Comment 3.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_updateWhiteboard: (none) => MGA7-64-OK
CC: (none) => tmbKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0421.html
Status: NEW => RESOLVEDResolution: (none) => FIXED