Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora: 2020-9482 Urgent: Libxml2 Buffer Overflow Patch - Critical Fix

fedora
Calendar Grey August 25, 2009
Dist Fedora Esm H88
Important security notice for Fedora 11 regarding the xerces-c patch to mitigate the CVE-2009-1885 stack overflow issue.
CVE-2009-1885

Summary

Xerces-C is a validating XML parser written in a portable subset of

C++. Xerces-C makes it easy to give your application the ability to

read and write XML data. A shared library is provided for parsing,

generating, manipulating, and validating XML documents. Xerces-C is

faithful to the XML 1.0 recommendation and associated standards ( DOM

1.0, DOM 2.0. SAX 1.0, SAX 2.0, Namespaces).

Update Information:

CVE-2009-1885

Topics%20covered

Topics Covered

security advisory security issue buffer overflow critical Fedora xerces-c XML parser

Change Log

* Thu Aug 6 2009 Peter Lemenkov 2.8.0-5 - Fix CVE-2009-1885 * Mon Jul 27 2009 Fedora Release Engineering - 2.8.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

References


[ 1 ] Bug #515515 - CVE-2009-1885 xerces-c, xerces-c27: Stack overflow when parsing recursive XML structures https://bugzilla.redhat.com/show_bug.cgi?id=515515

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update xerces-c' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: xerces-c
Product: Fedora 11
Version: 2.8.0
Release: 5.fc11
URL: https://xerces.apache.org/xerces-c/
Summary: Validating XML Parser

Topics%20covered

Topics Covered

security advisory security issue buffer overflow critical Fedora xerces-c XML parser

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here