Synopsis: Moderate: 4Suite security update Issue date: 2009-11-10 CVE Names: CVE-2009-3720 CVE-2009-3720 expat: buffer over-read and crash on XML with malformed UTF-8 sequences A buffer over-read flaw was found in the way 4Suite's XML parser handles malformed UTF-8 sequences when processing XML files. A specially-crafted XML file could cause applications using the 4Suite library to crash while parsing the file. (CVE-2009-3720) After installing the updated package, applications using the 4Suite XML-related tools and libraries must be restarted for the update to take effect. SL 3.0.x SRPMS: 4Suite-0.11.1-15.src.rpm i386: 4Suite-0.11.1-15.i386.rpm x86_64: 4Suite-0.11.1-15.x86_64.rpm SL 4.x SRPMS: 4Suite-1.0-3.el4_8.1.src.rpm i386: 4Suite-1.0-3.el4_8.1.i386.rpm x86_64: 4Suite-1.0-3.el4_8.1.x86_64.rpm -Connie Sieh -Troy Dawson