Описание
Security update for mxml
This update for mxml fixes the following issues:
Security issues fixed:
- CVE-2016-4570, CVE-2016-4571: stack exhaustion parsing xml files using mxml (bsc#979205, bsc#979206)
Список пакетов
SUSE Linux Enterprise Software Development Kit 11 SP4
libmxml1-2.5-24.3.1
mxml-2.5-24.3.1
Ссылки
- Link for SUSE-SU-2017:3060-1
- E-Mail link for SUSE-SU-2017:3060-1
- SUSE Security Ratings
- SUSE Bug 979205
- SUSE Bug 979206
- SUSE CVE CVE-2016-4570 page
- SUSE CVE CVE-2016-4571 page
Описание
The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file.
Затронутые продукты
SUSE Linux Enterprise Software Development Kit 11 SP4:libmxml1-2.5-24.3.1
SUSE Linux Enterprise Software Development Kit 11 SP4:mxml-2.5-24.3.1
Ссылки
- CVE-2016-4570
- SUSE Bug 979205
- SUSE Bug 979206
Описание
The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file.
Затронутые продукты
SUSE Linux Enterprise Software Development Kit 11 SP4:libmxml1-2.5-24.3.1
SUSE Linux Enterprise Software Development Kit 11 SP4:mxml-2.5-24.3.1
Ссылки
- CVE-2016-4571
- SUSE Bug 979205
- SUSE Bug 979206