Nacionalni CERT

Sigurnosni nedostaci programskog paketa expat

<p>--------------------------------------------------------------------------------<br />Fedora Update Notification<br />FEDORA-2017-18601ad5d2<br />2017-07-14 11:45:23.815496<br />--------------------------------------------------------------------------------<br /><br />Name : expat<br />Product : Fedora 26<br />Version : 2.2.1<br />Release : 1.fc26<br />URL :<br />Summary : An XML parser library<br />Description :<br />This is expat, the C library for parsing XML, written by James Clark. Expat<br />is a stream oriented XML parser. This means that you register handlers with<br />the parser prior to starting the parse. These handlers are called when the<br />parser discovers the associated structures in the document being parsed. A<br />start tag is an example of the kind of structures for which you may<br />register handlers.<br /><br />--------------------------------------------------------------------------------<br />Update Information:<br /><br /><br />--------------------------------------------------------------------------------<br />References:<br /><br /> [ 1 ] Bug #1462756 - CVE-2016-9063 expat: firefox: Possible integer overflow to fix inside XML_Parse in Expat [fedora-all]<br /><br /> [ 2 ] Bug #1462735 - CVE-2017-9233 expat: Inifinite loop due to invalid XML in external entity [fedora-all]<br /><br /> [ 3 ] Bug #1462474 - expat-2.2.1 is available<br /><br />--------------------------------------------------------------------------------<br /><br />This update can be installed with the "dnf" update program. Use<br />su -c 'dnf upgrade expat' at the command line.<br />For more information, refer to the dnf documentation available at<br /> /><br />All packages are signed with the Fedora Project GPG key. More details on the<br />GPG keys used by the Fedora Project can be found at<br /><br />--------------------------------------------------------------------------------<br />_______________________________________________<br />package-announce mailing list --<br />To unsubscribe send an email to</p>
Otkriveni su sigurnosni nedostaci u programskom paketu expat za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog koda. Savjetuje se ažuriranje izdanim zakrpama.