Описание
Security update for expat
This update for expat fixes the following issues:
- CVE-2016-9063: Possible integer overflow to fix inside XML_Parse leading to unexpected behaviour (bsc#1047240)
- CVE-2017-9233: External Entity Vulnerability could lead to denial of service (bsc#1047236)
This update was imported from the SUSE:SLE-12:Update update project.
Список пакетов
openSUSE Leap 42.2
expat-2.1.0-24.1
libexpat-devel-2.1.0-24.1
libexpat-devel-32bit-2.1.0-24.1
libexpat1-2.1.0-24.1
libexpat1-32bit-2.1.0-24.1
openSUSE Leap 42.3
expat-2.1.0-24.1
libexpat-devel-2.1.0-24.1
libexpat-devel-32bit-2.1.0-24.1
libexpat1-2.1.0-24.1
libexpat1-32bit-2.1.0-24.1
Ссылки
- E-Mail link for openSUSE-SU-2017:2336-1
- SUSE Security Ratings
Описание
An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.
Затронутые продукты
openSUSE Leap 42.2:expat-2.1.0-24.1
openSUSE Leap 42.2:libexpat-devel-2.1.0-24.1
openSUSE Leap 42.2:libexpat-devel-32bit-2.1.0-24.1
openSUSE Leap 42.2:libexpat1-2.1.0-24.1
Ссылки
- CVE-2016-9063
- SUSE Bug 1009026
- SUSE Bug 1010424
- SUSE Bug 1047240
- SUSE Bug 1123115
Описание
XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.
Затронутые продукты
openSUSE Leap 42.2:expat-2.1.0-24.1
openSUSE Leap 42.2:libexpat-devel-2.1.0-24.1
openSUSE Leap 42.2:libexpat-devel-32bit-2.1.0-24.1
openSUSE Leap 42.2:libexpat1-2.1.0-24.1
Ссылки
- CVE-2017-9233
- SUSE Bug 1030296
- SUSE Bug 1047236
- SUSE Bug 1073350
- SUSE Bug 1123115
- SUSE Bug 983216