You are here
Home > Preporuke > Ranjivost programskog paketa expat

Ranjivost programskog paketa expat

==========================================================================
Ubuntu Security Notice USN-2983-1
May 18, 2016

expat vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.04 LTS
– Ubuntu 15.10
– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS

Summary:

Expat could be made to crash or run programs as your login if it opened a
specially crafted file.

Software Description:
– expat: XML parsing C library

Details:

Gustavo Grieco discovered that Expat incorrectly handled malformed XML
data. If a user or application linked against Expat were tricked into
opening a crafted XML file, an attacker could cause a denial of service, or
possibly execute arbitrary code. (CVE-2016-0718)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
lib64expat1 2.1.0-7ubuntu0.16.04.1
libexpat1 2.1.0-7ubuntu0.16.04.1

Ubuntu 15.10:
lib64expat1 2.1.0-7ubuntu0.15.10.1
libexpat1 2.1.0-7ubuntu0.15.10.1

Ubuntu 14.04 LTS:
lib64expat1 2.1.0-4ubuntu1.2
libexpat1 2.1.0-4ubuntu1.2

Ubuntu 12.04 LTS:
lib64expat1 2.0.1-7.2ubuntu1.3
libexpat1 2.0.1-7.2ubuntu1.3

After a standard system upgrade you need to restart any applications linked
against Expat to effect the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2983-1
CVE-2016-0718

Package Information:
https://launchpad.net/ubuntu/+source/expat/2.1.0-7ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/expat/2.1.0-7ubuntu0.15.10.1
https://launchpad.net/ubuntu/+source/expat/2.1.0-4ubuntu1.2
https://launchpad.net/ubuntu/+source/expat/2.0.1-7.2ubuntu1.3

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAEBCgAGBQJXPFdHAAoJEGVp2FWnRL6TfOgP/3lFOSY1kcZX38A+JIn6Qfbd
K+upZGBpjIvmdTxtEfBvc1e18exlnfGR69XH1LZEttz9rIgAy4v9DpY1HzI16VK7
qiFct86IKoaJFND8BJvaQSyFUo7FKTD4th/LWNrTX0gKD7x3dNu1Rv69L8nvc1sp
U8n6sR4iWEhIk441EbkpHegVkG5Di51lnqVxW6Hh7MmWIwbJE1yoc8iDE0cu8H8m
/c6xdJjkUF/GrNG2CldrTXnx8PXgHHcje/1FSpnPwhFiXhD689/Iip67npy4LHyx
WBisdsUp7PJaEbb2JQZgSjTt7FjqvU9hnQxxcxf+4wiJWKDIIjRVjzKGvxvNqb5g
20KE18mWk68krxjkwDCEjA5SDvlM2eDeSp4qGPibqJQhpSgchxRluor6HGlrjOfE
e7rK2vxL/UxjhGx0WhWgzMwwB5NA1e6RUTDOfhT4FSShpBTlzAnUem7v0Is86r3J
o2ysd2/07j+Y18gIlFuOWZNi7FCMrQnvBX/9cS153y1oG28ydMDLD11MJNVUICRx
1LYzvkHU0BnSJws/eJcy2FCcx+Qs+0DIpcn8Xh7eLKUtNlhbMiqTiJ6VTVvmSmSb
WN480Vc1blaKc0qGB6ILokxY2LKm9B2AyNWcnem61AgY9LWsg2wHY5Qa2dAb2AwG
2HNOh5RJGcfD6zs/Zel5
=gLNq
—–END PGP SIGNATURE—–

Top
More in Preporuke
Višestruke ranjivosti programskog paketa xen

Otkrivene su višestruke ranjivosti u programskom paketu xen za SUSE LE. Zahvaćene su razne komponente, a ovisno o tipu ranjivosti...

Close