LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:          Important: xerces-c security update
Advisory ID:       SLSA-2020:0702-1
Issue Date:        2020-03-04
CVE Numbers:       CVE-2018-1311
--

Security Fix(es):

* xerces-c: XML parser contains a use-after-free error triggered during the
scanning of external DTDs (CVE-2018-1311)
--

SL6
  x86_64
    xerces-c-3.0.1-21.el6_10.i686.rpm
    xerces-c-3.0.1-21.el6_10.x86_64.rpm
    xerces-c-debuginfo-3.0.1-21.el6_10.i686.rpm
    xerces-c-debuginfo-3.0.1-21.el6_10.x86_64.rpm
    xerces-c-devel-3.0.1-21.el6_10.i686.rpm
    xerces-c-devel-3.0.1-21.el6_10.x86_64.rpm
  i386
    xerces-c-3.0.1-21.el6_10.i686.rpm
    xerces-c-debuginfo-3.0.1-21.el6_10.i686.rpm
    xerces-c-devel-3.0.1-21.el6_10.i686.rpm
  noarch
    xerces-c-doc-3.0.1-21.el6_10.noarch.rpm

- Scientific Linux Development Team