UBUNTU-CVE-2019-16707

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2019-16707
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-16707.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2019-16707
Upstream
Published
2019-09-23T12:15:00Z
Modified
2025-07-14T07:15:02.387018Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
  • Ubuntu - low
Summary
[none]
Details

Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx.

References

Affected packages

Ubuntu:Pro:14.04:LTS / hunspell

Package

Name
hunspell
Purl
pkg:deb/ubuntu/hunspell@1.3.2-6ubuntu2.1?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.3.2-4ubuntu1
1.3.2-6ubuntu1
1.3.2-6ubuntu2
1.3.2-6ubuntu2.1

Ubuntu:Pro:16.04:LTS / enchant

Package

Name
enchant
Purl
pkg:deb/ubuntu/enchant@1.6.0-10.1build2?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.6.0-10.1build1
1.6.0-10.1build2

Ubuntu:Pro:16.04:LTS / hunspell

Package

Name
hunspell
Purl
pkg:deb/ubuntu/hunspell@1.3.3-4ubuntu1?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.3.3-3ubuntu3
1.3.3-3ubuntu4
1.3.3-4ubuntu1

Ubuntu:Pro:16.04:LTS / calibre

Package

Name
calibre
Purl
pkg:deb/ubuntu/calibre@2.55.0+dfsg-1ubuntu0.2?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.33.0+dfsg-1build1
2.38.0+dfsg-1
2.45.0+dfsg-1
2.45.0+dfsg-1build1
2.48.0+dfsg-1
2.48.0+dfsg-1build1
2.54.0+dfsg-1
2.55.0+dfsg-1
2.55.0+dfsg-1ubuntu0.2

Ubuntu:Pro:16.04:LTS / focuswriter

Package

Name
focuswriter
Purl
pkg:deb/ubuntu/focuswriter@1.5.5-1?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.5.4.1-1build1
1.5.5-1

Ubuntu:Pro:16.04:LTS / postbooks

Package

Name
postbooks
Purl
pkg:deb/ubuntu/postbooks@4.9.2-1?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.9.2-1

Ubuntu:Pro:16.04:LTS / texmaker

Package

Name
texmaker
Purl
pkg:deb/ubuntu/texmaker@4.4.1-1.1?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.4.1-1
4.4.1-1.1

Ubuntu:Pro:18.04:LTS / enchant

Package

Name
enchant
Purl
pkg:deb/ubuntu/enchant@1.6.0-11.1?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.6.0-11build2
1.6.0-11.1

Ubuntu:Pro:18.04:LTS / hunspell

Package

Name
hunspell
Purl
pkg:deb/ubuntu/hunspell@1.6.2-1?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.6.2-1

Ubuntu:Pro:18.04:LTS / calibre

Package

Name
calibre
Purl
pkg:deb/ubuntu/calibre@3.21.0+dfsg-1build1?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.7.0+dfsg-2
3.7.0+dfsg-2build1
3.12.0+dfsg-1
3.13.0+dfsg-1
3.14.0+dfsg-1
3.15.0.1+dfsg-1
3.16.0+dfsg-1
3.16.0+dfsg-1build1
3.17.0+dfsg-1
3.17.0+dfsg-2
3.18.0+dfsg-1build1
3.19.0+dfsg-1
3.20.0+dfsg-1
3.21.0+dfsg-1
3.21.0+dfsg-1build1

Ubuntu:Pro:18.04:LTS / focuswriter

Package

Name
focuswriter
Purl
pkg:deb/ubuntu/focuswriter@1.6.12-1?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.6.6-1
1.6.7-1
1.6.8-1
1.6.8-2
1.6.9-1
1.6.10-1
1.6.11-1
1.6.12-1

Ubuntu:Pro:18.04:LTS / postbooks

Package

Name
postbooks
Purl
pkg:deb/ubuntu/postbooks@4.10.1-1?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.10.1-1

Ubuntu:Pro:18.04:LTS / qtwebengine-opensource-src

Package

Name
qtwebengine-opensource-src
Purl
pkg:deb/ubuntu/qtwebengine-opensource-src@5.9.5+dfsg-0ubuntu2?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.9.1+dfsg-4
5.9.1+dfsg-4ubuntu1
5.9.2+dfsg-2ubuntu1
5.9.3+dfsg-0ubuntu1
5.9.4+dfsg-0ubuntu1
5.9.5+dfsg-0ubuntu2

Ubuntu:Pro:18.04:LTS / texmaker

Package

Name
texmaker
Purl
pkg:deb/ubuntu/texmaker@5.0.2-1build2?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.5-1

5.*

5.0.2-1
5.0.2-1build1
5.0.2-1build2

Ubuntu:Pro:20.04:LTS / hunspell

Package

Name
hunspell
Purl
pkg:deb/ubuntu/hunspell@1.7.0-2build2?arch=source&distro=esm-infra/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.7.0-2build1
1.7.0-2build2

Ubuntu:Pro:20.04:LTS / calibre

Package

Name
calibre
Purl
pkg:deb/ubuntu/calibre@4.99.4+dfsg+really4.12.0-1ubuntu1?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.46.0+dfsg-1

4.*

4.2.0+dfsg-2
4.3.0+dfsg-1
4.3.0+dfsg-2
4.4.0+dfsg-1
4.5.0+dfsg-1
4.5.0+dfsg-2
4.5.0+dfsg-3
4.6.0+dfsg-1
4.7.0+dfsg-1
4.99.3+dfsg-2
4.99.4+dfsg-1
4.99.4+dfsg-1build1
4.99.4+dfsg+really4.10.0+py3-2
4.99.4+dfsg+really4.11.2-1
4.99.4+dfsg+really4.11.2-1build1
4.99.4+dfsg+really4.12.0-1
4.99.4+dfsg+really4.12.0-1build1
4.99.4+dfsg+really4.12.0-1ubuntu1

Ubuntu:Pro:20.04:LTS / enchant

Package

Name
enchant
Purl
pkg:deb/ubuntu/enchant@1.6.0-11.3build1?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.6.0-11.1build1
1.6.0-11.3
1.6.0-11.3build1

Ubuntu:Pro:20.04:LTS / focuswriter

Package

Name
focuswriter
Purl
pkg:deb/ubuntu/focuswriter@1.7.4-1build1?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.7.3-1
1.7.4-1
1.7.4-1build1

Ubuntu:Pro:20.04:LTS / qtwebengine-opensource-src

Package

Name
qtwebengine-opensource-src
Purl
pkg:deb/ubuntu/qtwebengine-opensource-src@5.12.8+dfsg-0ubuntu1.1?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.12.4+dfsg-1ubuntu1
5.12.4+dfsg-1ubuntu3
5.12.5+dfsg-3ubuntu1
5.12.5+dfsg-6ubuntu2
5.12.5+dfsg-7
5.12.5+dfsg-7build1
5.12.8+dfsg-0ubuntu1
5.12.8+dfsg-0ubuntu1.1

Ubuntu:Pro:20.04:LTS / texmaker

Package

Name
texmaker
Purl
pkg:deb/ubuntu/texmaker@5.0.3-1build5?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.0.3-1build2
5.0.3-1build3
5.0.3-1build4
5.0.3-1build5

Ubuntu:22.04:LTS / calibre

Package

Name
calibre
Purl
pkg:deb/ubuntu/calibre@5.37.0+dfsg-1build1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.25.0+dfsg-2
5.33.2+dfsg-1
5.34.0+dfsg-1
5.35.0+dfsg-1ubuntu2
5.37.0+dfsg-1
5.37.0+dfsg-1build1

Ubuntu:22.04:LTS / focuswriter

Package

Name
focuswriter
Purl
pkg:deb/ubuntu/focuswriter@1.7.6-2?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.7.6-2

Ubuntu:22.04:LTS / hunspell

Package

Name
hunspell
Purl
pkg:deb/ubuntu/hunspell@1.7.0-4build1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0-4build1

Affected versions

1.*

1.7.0-3
1.7.0-3build1
1.7.0-4

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "hunspell",
            "binary_version": "1.7.0-4build1"
        },
        {
            "binary_name": "hunspell-dbgsym",
            "binary_version": "1.7.0-4build1"
        },
        {
            "binary_name": "hunspell-tools",
            "binary_version": "1.7.0-4build1"
        },
        {
            "binary_name": "hunspell-tools-dbgsym",
            "binary_version": "1.7.0-4build1"
        },
        {
            "binary_name": "libhunspell-1.7-0",
            "binary_version": "1.7.0-4build1"
        },
        {
            "binary_name": "libhunspell-1.7-0-dbgsym",
            "binary_version": "1.7.0-4build1"
        },
        {
            "binary_name": "libhunspell-dev",
            "binary_version": "1.7.0-4build1"
        }
    ],
    "availability": "No subscription required"
}

Ubuntu:22.04:LTS / qtwebengine-opensource-src

Package

Name
qtwebengine-opensource-src
Purl
pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.9+dfsg-1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.6+dfsg-1
5.15.6+dfsg-2
5.15.7+dfsg-2
5.15.8+dfsg-1
5.15.8+dfsg-1build1
5.15.8+dfsg-1build2
5.15.8+dfsg-2
5.15.9+dfsg-1

Ubuntu:22.04:LTS / texmaker

Package

Name
texmaker
Purl
pkg:deb/ubuntu/texmaker@5.0.3-1build9?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.0.3-1build8
5.0.3-1build9

Ubuntu:24.04:LTS / calibre

Package

Name
calibre
Purl
pkg:deb/ubuntu/calibre@7.6.0+ds-1build1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.24.0+ds-1
6.29.0+ds-1

7.*

7.0.0+ds-1
7.1.0+ds-1
7.1.0+ds-2
7.2.0+ds-1
7.2.0+ds-1build1
7.3.0+ds-1
7.4.0+ds-1
7.5.1+ds-1
7.5.1+ds-2
7.5.1+ds-3
7.6.0+ds-1
7.6.0+ds-1build1

Ubuntu:24.04:LTS / focuswriter

Package

Name
focuswriter
Purl
pkg:deb/ubuntu/focuswriter@1.8.6-1build2?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.8.5-1
1.8.6-1
1.8.6-1build1
1.8.6-1build2

Ubuntu:24.04:LTS / hunspell

Package

Name
hunspell
Purl
pkg:deb/ubuntu/hunspell@1.7.2+really1.7.2-10build3?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.2+really1.7.2-10build3

Affected versions

1.*

1.7.2+really1.7.2-10
1.7.2+really1.7.2-10build1
1.7.2+really1.7.2-10build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "hunspell",
            "binary_version": "1.7.2+really1.7.2-10build3"
        },
        {
            "binary_name": "hunspell-dbgsym",
            "binary_version": "1.7.2+really1.7.2-10build3"
        },
        {
            "binary_name": "hunspell-tools",
            "binary_version": "1.7.2+really1.7.2-10build3"
        },
        {
            "binary_name": "hunspell-tools-dbgsym",
            "binary_version": "1.7.2+really1.7.2-10build3"
        },
        {
            "binary_name": "libhunspell-1.7-0",
            "binary_version": "1.7.2+really1.7.2-10build3"
        },
        {
            "binary_name": "libhunspell-1.7-0-dbgsym",
            "binary_version": "1.7.2+really1.7.2-10build3"
        },
        {
            "binary_name": "libhunspell-dev",
            "binary_version": "1.7.2+really1.7.2-10build3"
        },
        {
            "binary_name": "libhunspell-private-dev",
            "binary_version": "1.7.2+really1.7.2-10build3"
        }
    ],
    "availability": "No subscription required"
}

Ubuntu:24.04:LTS / qtwebengine-opensource-src

Package

Name
qtwebengine-opensource-src
Purl
pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.16+dfsg-3?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.15+dfsg-2
5.15.15+dfsg-2build2
5.15.15+dfsg-2ubuntu1
5.15.16+dfsg-1
5.15.16+dfsg-1ubuntu2
5.15.16+dfsg-1ubuntu4
5.15.16+dfsg-3

Ubuntu:24.04:LTS / texmaker

Package

Name
texmaker
Purl
pkg:deb/ubuntu/texmaker@5.1.3+dfsg-1build8?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.1.3+dfsg-1build4
5.1.3+dfsg-1build5
5.1.3+dfsg-1build6
5.1.3+dfsg-1build7
5.1.3+dfsg-1build8

Ubuntu:25.04 / calibre

Package

Name
calibre
Purl
pkg:deb/ubuntu/calibre@7.26.0+ds-4build1?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

7.*

7.16.0+ds-3
7.20.0+ds-1
7.21.0+ds-1
7.21.0+ds-2
7.22.0+ds-1
7.22.0+ds-1build1
7.22.0+ds-2
7.23.0+ds-1
7.24.0+ds-1
7.24.0+ds-2
7.26.0+ds-1
7.26.0+ds-3
7.26.0+ds-4
7.26.0+ds-4build1

Ubuntu:25.04 / focuswriter

Package

Name
focuswriter
Purl
pkg:deb/ubuntu/focuswriter@1.8.11-1?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.8.8-1
1.8.9-1
1.8.10-1
1.8.11-1

Ubuntu:25.04 / hunspell

Package

Name
hunspell
Purl
pkg:deb/ubuntu/hunspell@1.7.2+really1.7.2-10build3?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.2+really1.7.2-10build3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "hunspell",
            "binary_version": "1.7.2+really1.7.2-10build3"
        },
        {
            "binary_name": "hunspell-dbgsym",
            "binary_version": "1.7.2+really1.7.2-10build3"
        },
        {
            "binary_name": "hunspell-tools",
            "binary_version": "1.7.2+really1.7.2-10build3"
        },
        {
            "binary_name": "hunspell-tools-dbgsym",
            "binary_version": "1.7.2+really1.7.2-10build3"
        },
        {
            "binary_name": "libhunspell-1.7-0",
            "binary_version": "1.7.2+really1.7.2-10build3"
        },
        {
            "binary_name": "libhunspell-1.7-0-dbgsym",
            "binary_version": "1.7.2+really1.7.2-10build3"
        },
        {
            "binary_name": "libhunspell-dev",
            "binary_version": "1.7.2+really1.7.2-10build3"
        },
        {
            "binary_name": "libhunspell-private-dev",
            "binary_version": "1.7.2+really1.7.2-10build3"
        }
    ],
    "availability": "No subscription required"
}

Ubuntu:25.04 / qtwebengine-opensource-src

Package

Name
qtwebengine-opensource-src
Purl
pkg:deb/ubuntu/qtwebengine-opensource-src@5.15.18+dfsg-2?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.17+dfsg-4
5.15.17+dfsg-5
5.15.17+dfsg2-1
5.15.17+dfsg2-2
5.15.17+dfsg2-3
5.15.18+dfsg-1
5.15.18+dfsg-2

Ubuntu:25.04 / texmaker

Package

Name
texmaker
Purl
pkg:deb/ubuntu/texmaker@5.1.3+dfsg-3?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.1.3+dfsg-2build1
5.1.3+dfsg-3