Описание
Security update for expat
This update for expat fixes the following issues:
Security issue fixed:
- CVE-2016-0718: Fix Expat XML parser that mishandles certain kinds of malformed input documents. (bsc#979441)
- CVE-2015-1283: Fix multiple integer overflows. (bnc#980391) This update was imported from the SUSE:SLE-12:Update update project.
Список пакетов
openSUSE Leap 42.1
expat-2.1.0-17.1
libexpat-devel-2.1.0-17.1
libexpat-devel-32bit-2.1.0-17.1
libexpat1-2.1.0-17.1
libexpat1-32bit-2.1.0-17.1
Ссылки
- E-Mail link for openSUSE-SU-2016:1523-1
- SUSE Security Ratings
Описание
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.
Затронутые продукты
openSUSE Leap 42.1:expat-2.1.0-17.1
openSUSE Leap 42.1:libexpat-devel-2.1.0-17.1
openSUSE Leap 42.1:libexpat-devel-32bit-2.1.0-17.1
openSUSE Leap 42.1:libexpat1-2.1.0-17.1
Ссылки
- CVE-2015-1283
- SUSE Bug 1034050
- SUSE Bug 939077
- SUSE Bug 979441
- SUSE Bug 980391
- SUSE Bug 983985
Описание
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Затронутые продукты
openSUSE Leap 42.1:expat-2.1.0-17.1
openSUSE Leap 42.1:libexpat-devel-2.1.0-17.1
openSUSE Leap 42.1:libexpat-devel-32bit-2.1.0-17.1
openSUSE Leap 42.1:libexpat1-2.1.0-17.1
Ссылки
- CVE-2016-0718
- SUSE Bug 979441
- SUSE Bug 991809