Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora: 2009-8350 Moderate: Xerces-C Stack Overflow Risk Mitigation

fedora
Calendar Grey August 25, 2009
Dist Fedora Esm H88
Patch for CVE-2009-1885 in Fedora 10's xerces-c, resolving stack overflow issues during XML structure parsing.
CVE-2009-1885

Summary

Xerces-C is a validating XML parser written in a portable subset of

C++. Xerces-C makes it easy to give your application the ability to

read and write XML data. A shared library is provided for parsing,

generating, manipulating, and validating XML documents. Xerces-C is

faithful to the XML 1.0 recommendation and associated standards ( DOM

1.0, DOM 2.0. SAX 1.0, SAX 2.0, Namespaces).

Update Information:

CVE-2009-1885

Topics%20covered

Topics Covered

security advisory update Fedora stack overflow xerces-c

Change Log

* Thu Aug 6 2009 Peter Lemenkov 2.8.0-5 - Fix CVE-2009-1885 * Mon Jul 27 2009 Fedora Release Engineering - 2.8.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Thu Feb 26 2009 Fedora Release Engineering - 2.8.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

References


[ 1 ] Bug #515515 - CVE-2009-1885 xerces-c, xerces-c27: Stack overflow when parsing recursive XML structures https://bugzilla.redhat.com/show_bug.cgi?id=515515

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update xerces-c' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: xerces-c
Product: Fedora 10
Version: 2.8.0
Release: 5.fc10
URL: https://xerces.apache.org/xerces-c/
Summary: Validating XML Parser

Topics%20covered

Topics Covered

security advisory update Fedora stack overflow xerces-c

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here