Описание
Security update for xerces-c
This update for xerces-c fixes the following security issue:
- CVE-2016-0729: Fixed mishandling certain kinds of malformed input documents, that resulted in buffer overlows during processing and error reporting. The overflows can manifest as a segmentation fault or as memory corruption during a parse operation. (bsc#966822)
Список пакетов
SUSE Linux Enterprise Desktop 12
libxerces-c-3_1-3.1.1-7.1
libxerces-c-3_1-32bit-3.1.1-7.1
SUSE Linux Enterprise Desktop 12 SP1
libxerces-c-3_1-3.1.1-7.1
libxerces-c-3_1-32bit-3.1.1-7.1
SUSE Linux Enterprise Server 12 SP1
libxerces-c-3_1-3.1.1-7.1
libxerces-c-3_1-32bit-3.1.1-7.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
libxerces-c-3_1-3.1.1-7.1
libxerces-c-3_1-32bit-3.1.1-7.1
SUSE Linux Enterprise Software Development Kit 12 SP1
libxerces-c-devel-3.1.1-7.1
SUSE Linux Enterprise Workstation Extension 12
libxerces-c-3_1-3.1.1-7.1
libxerces-c-3_1-32bit-3.1.1-7.1
Ссылки
- Link for SUSE-SU-2016:1026-1
- E-Mail link for SUSE-SU-2016:1026-1
- SUSE Security Ratings
- SUSE Bug 966822
- SUSE CVE CVE-2016-0729 page
Описание
Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted document.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:libxerces-c-3_1-3.1.1-7.1
SUSE Linux Enterprise Desktop 12 SP1:libxerces-c-3_1-32bit-3.1.1-7.1
SUSE Linux Enterprise Desktop 12:libxerces-c-3_1-3.1.1-7.1
SUSE Linux Enterprise Desktop 12:libxerces-c-3_1-32bit-3.1.1-7.1
Ссылки
- CVE-2016-0729
- SUSE Bug 966822