Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Mageia 6 & 7: MGASA-2019-0274 Moderate: Expat Denial of Service

mageia
Calendar Grey September 15, 2019
Dist Mageia Esm H88
The Mageia team has released updates for expat packages to mitigate a security vulnerability that could lead to denial of service scenarios. Further information and guidance are provided.
Updated expat packages fix security vulnerability: It was discovered that Expat did not properly handled XML input including XML names that contain a large number of colons, poten...

Summary

Updated expat packages fix security vulnerability:
It was discovered that Expat did not properly handled XML input including XML names that contain a large number of colons, potentially resulting in denial of service (CVE-2018-20843).

References

- https://bugs.mageia.org/show_bug.cgi?id=25019

- https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes

- https://lists.debian.org/debian-security-announce/2019/msg00120.html

- https://www.cve.org/CVERecord?id=CVE-2018-20843

Topics%20covered

Topics Covered

security advisory denial of service security fix expat Mageia

Resolution

SRPMS

- 7/core/expat-2.2.7-1.mga7

- 6/core/expat-2.2.7-1.mga6

Publication date: 15 Sep 2019
URL: https://advisories.mageia.org/MGASA-2019-0274.html
Type: security
CVE: CVE-2018-20843

Topics%20covered

Topics Covered

security advisory denial of service security fix expat Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here