Описание
Security update for expat
This update for expat fixes the following issues:
Security issue fixed:
- CVE-2018-20843: Fixed a denial of service triggered by high resource consumption in the XML parser when XML names contain a large amount of colons (bsc#1139937).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.0
expat-2.2.5-lp151.3.3.1
libexpat-devel-2.2.5-lp151.3.3.1
libexpat-devel-32bit-2.2.5-lp151.3.3.1
libexpat1-2.2.5-lp151.3.3.1
libexpat1-32bit-2.2.5-lp151.3.3.1
openSUSE Leap 15.1
expat-2.2.5-lp151.3.3.1
libexpat-devel-2.2.5-lp151.3.3.1
libexpat-devel-32bit-2.2.5-lp151.3.3.1
libexpat1-2.2.5-lp151.3.3.1
libexpat1-32bit-2.2.5-lp151.3.3.1
Ссылки
- E-Mail link for openSUSE-SU-2019:1777-1
- SUSE Security Ratings
- SUSE Bug 1139937
- SUSE CVE CVE-2018-20843 page
Описание
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
Затронутые продукты
openSUSE Leap 15.0:expat-2.2.5-lp151.3.3.1
openSUSE Leap 15.0:libexpat-devel-2.2.5-lp151.3.3.1
openSUSE Leap 15.0:libexpat-devel-32bit-2.2.5-lp151.3.3.1
openSUSE Leap 15.0:libexpat1-2.2.5-lp151.3.3.1
Ссылки
- CVE-2018-20843
- SUSE Bug 1139937