Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 486
Alerts This Week
Warning Icon 1 486

Fedora 23: FEDORA-2017-9a2c27a5a3 Major: libxml2 Vulnerability Mitigation

fedora
Calendar Grey April 18, 2016
Dist Fedora Esm H88
Xerces-C 3.1.3 patch addresses CVE-2016-0729, fixing issues related to parser failures triggered by poorly structured input.
Update to xerces-c 3.1.3, fixing CVE-2016-0729

Summary

Xerces-C is a validating XML parser written in a portable

subset of C++. Xerces-C makes it easy to give your application the

ability to read and write XML data. A shared library is provided for

parsing, generating, manipulating, and validating XML

documents. Xerces-C is faithful to the XML 1.0 recommendation and

associated standards: XML 1.0 (Third Edition), XML 1.1 (First

Edition), DOM Level 1, 2, 3 Core, DOM Level 2.0 Traversal and Range,

DOM Level 3.0 Load and Save, SAX 1.0 and SAX 2.0, Namespaces in XML,

Namespaces in XML 1.1, XML Schema, XML Inclusions).

Update Information:

Update to xerces-c 3.1.3, fixing CVE-2016-0729

Change Log

References


[ 1 ] Bug #1312231 - CVE-2016-0729 xerces-c: parser crashes on malformed input https://bugzilla.redhat.com/show_bug.cgi?id=1312231

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update xerces-c' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: xerces-c
Product: Fedora 22
Version: 3.1.3
Release: 1.fc22
Summary: Validating XML Parser

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.