Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in expat
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in expat
ID: FEDORA-2016-0fd6ca526a
Distribution: Fedora
Plattformen: Fedora 22
Datum: Di, 12. Juli 2016, 07:15
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6702
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718
Applikationen: expat

Originalnachricht

 
Name        : expat
Product     : Fedora 22
Version     : 2.1.1
Release     : 2.fc22
URL         : http://www.libexpat.org/
Summary     : An XML parser library
Description :
This is expat, the C library for parsing XML, written by James Clark. Expat
is a stream oriented XML parser. This means that you register handlers with
the parser prior to starting the parse. These handlers are called when the
parser discovers the associated structures in the document being parsed. A
start tag is an example of the kind of structures for which you may
register handlers.

-------------------------------------------------------------------------------
-
Update Information:

Security fixes for CVE-2016-4472, CVE-2016-5300, CVE-2016-0718 and
CVE-2012-6702.
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #1344252 - CVE-2016-4472 expat: Undefined behavior and pointer
 overflows [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1344252
  [ 2 ] Bug #1343086 - CVE-2016-5300 expat: Little entropy used for hash
 initialization [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1343086
  [ 3 ] Bug #1337116 - CVE-2016-0718 expat: Out-of-bounds heap read on crafted
 input causing crash [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1337116
  [ 4 ] Bug #1319732 - CVE-2012-6702 expat: Using XML_Parse before rand()
 results into non-random output [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1319732
  [ 5 ] Bug #1197087 - XML_Parse breaks rand() function
        https://bugzilla.redhat.com/show_bug.cgi?id=1197087
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update expat' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung