SCIENTIFIC-LINUX-ERRATA Archives

December 2016

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Moderate: expat on SL6.x, SL7.x i386/x86_64
From:
Scott Reid <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Wed, 14 Dec 2016 18:19:28 -0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (40 lines) 
Synopsis:          Moderate: expat security update
Advisory ID:       SLSA-2016:2824-1
Issue Date:        2016-11-28
CVE Numbers:       CVE-2016-0718
--

Security Fix(es):

* An out-of-bounds read flaw was found in the way Expat processed certain
input. A remote attacker could send specially crafted XML that, when
parsed by an application using the Expat library, would cause that
application to crash or, possibly, execute arbitrary code with the
permission of the user running the application. (CVE-2016-0718)
--

SL6
  x86_64
    expat-2.0.1-13.el6_8.i686.rpm
    expat-2.0.1-13.el6_8.x86_64.rpm
    expat-debuginfo-2.0.1-13.el6_8.i686.rpm
    expat-debuginfo-2.0.1-13.el6_8.x86_64.rpm
    expat-devel-2.0.1-13.el6_8.i686.rpm
    expat-devel-2.0.1-13.el6_8.x86_64.rpm
  i386
    expat-2.0.1-13.el6_8.i686.rpm
    expat-debuginfo-2.0.1-13.el6_8.i686.rpm
    expat-devel-2.0.1-13.el6_8.i686.rpm
SL7
  x86_64
    expat-2.1.0-10.el7_3.i686.rpm
    expat-2.1.0-10.el7_3.x86_64.rpm
    expat-debuginfo-2.1.0-10.el7_3.i686.rpm
    expat-debuginfo-2.1.0-10.el7_3.x86_64.rpm
    expat-devel-2.1.0-10.el7_3.i686.rpm
    expat-devel-2.1.0-10.el7_3.x86_64.rpm
    expat-static-2.1.0-10.el7_3.i686.rpm
    expat-static-2.1.0-10.el7_3.x86_64.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2