Описание
Security update for mxml
This update for mxml fixes the following issues:
- CVE-2016-4570: Specially crafted XML files could have caused stack exhaustation (bsc#979205)
- CVE-2016-4571: Specially crafted XML files could have caused stack exhaustation (bsc#979206)
Список пакетов
openSUSE Leap 42.1
libmxml1-2.9-5.3.1
libmxml1-32bit-2.9-5.3.1
mxml-2.9-5.3.1
mxml-devel-2.9-5.3.1
openSUSE Leap 42.2
libmxml1-2.9-5.3.1
libmxml1-32bit-2.9-5.3.1
mxml-2.9-5.3.1
mxml-devel-2.9-5.3.1
Ссылки
- E-Mail link for openSUSE-SU-2017:0815-1
- SUSE Security Ratings
Описание
The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file.
Затронутые продукты
openSUSE Leap 42.1:libmxml1-2.9-5.3.1
openSUSE Leap 42.1:libmxml1-32bit-2.9-5.3.1
openSUSE Leap 42.1:mxml-2.9-5.3.1
openSUSE Leap 42.1:mxml-devel-2.9-5.3.1
Ссылки
- CVE-2016-4570
- SUSE Bug 979205
- SUSE Bug 979206
Описание
The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file.
Затронутые продукты
openSUSE Leap 42.1:libmxml1-2.9-5.3.1
openSUSE Leap 42.1:libmxml1-32bit-2.9-5.3.1
openSUSE Leap 42.1:mxml-2.9-5.3.1
openSUSE Leap 42.1:mxml-devel-2.9-5.3.1
Ссылки
- CVE-2016-4571
- SUSE Bug 979205
- SUSE Bug 979206