Synopsis: Moderate: 4Suite security update
Issue date: 2009-11-10
CVE Names: CVE-2009-3720
CVE-2009-3720 expat: buffer over-read and crash on XML with malformed
UTF-8 sequences
A buffer over-read flaw was found in the way 4Suite's XML parser handles
malformed UTF-8 sequences when processing XML files. A specially-crafted
XML file could cause applications using the 4Suite library to crash
while parsing the file. (CVE-2009-3720)
After installing the updated package, applications using the 4Suite
XML-related tools and libraries must be restarted for the update to take
effect.
SL 3.0.x
SRPMS:
4Suite-0.11.1-15.src.rpm
i386:
4Suite-0.11.1-15.i386.rpm
x86_64:
4Suite-0.11.1-15.x86_64.rpm
SL 4.x
SRPMS:
4Suite-1.0-3.el4_8.1.src.rpm
i386:
4Suite-1.0-3.el4_8.1.i386.rpm
x86_64:
4Suite-1.0-3.el4_8.1.x86_64.rpm
-Connie Sieh
-Troy Dawson