Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2017:2375-1

Опубликовано: 06 сент. 2017
Источник: suse-cvrf

Описание

Security update for expat

This update for expat fixes the following issues:

  • CVE-2016-9063: Possible integer overflow to fix inside XML_Parse leading to unexpected behaviour (bsc#1047240)
  • CVE-2017-9233: External Entity Vulnerability could lead to denial of service (bsc#1047236)

Список пакетов

SUSE Linux Enterprise Server 11 SP4
expat-2.0.1-88.42.3.2
libexpat1-2.0.1-88.42.3.2
libexpat1-32bit-2.0.1-88.42.3.2
libexpat1-x86-2.0.1-88.42.3.2
SUSE Linux Enterprise Server for SAP Applications 11 SP4
expat-2.0.1-88.42.3.2
libexpat1-2.0.1-88.42.3.2
libexpat1-32bit-2.0.1-88.42.3.2
libexpat1-x86-2.0.1-88.42.3.2
SUSE Linux Enterprise Software Development Kit 11 SP4
libexpat-devel-2.0.1-88.42.3.2
SUSE Studio Onsite 1.3
libexpat-devel-2.0.1-88.42.3.2

Ссылки

Описание

An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:expat-2.0.1-88.42.3.2
SUSE Linux Enterprise Server 11 SP4:libexpat1-2.0.1-88.42.3.2
SUSE Linux Enterprise Server 11 SP4:libexpat1-32bit-2.0.1-88.42.3.2
SUSE Linux Enterprise Server 11 SP4:libexpat1-x86-2.0.1-88.42.3.2
Ссылки

Описание

XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:expat-2.0.1-88.42.3.2
SUSE Linux Enterprise Server 11 SP4:libexpat1-2.0.1-88.42.3.2
SUSE Linux Enterprise Server 11 SP4:libexpat1-32bit-2.0.1-88.42.3.2
SUSE Linux Enterprise Server 11 SP4:libexpat1-x86-2.0.1-88.42.3.2
Ссылки
Уязвимость SUSE-SU-2017:2375-1