Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Scientific Linux: SLSA-2016:0430-1 Important Xerces-C Security Flaw

Calendar Mar 10, 2016 User Avatar LinuxSecurity Advisories
1 - 2 min read
Scientific Large Esm H500
Topics%20covered

Topics Covered

security advisory important update application threat xerces-c Scientific Linux
Important: xerces-c security update 
Date: Thu, 10 Mar 2016 19:03:01 -0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Important: xerces-c on SL7.x x86_64
MIME-Version: 1.0
Message-ID: <20160310190301.11089.88225@slpackages.fnal.gov>

Synopsis: Important: xerces-c security update
Advisory ID: SLSA-2016:0430-1
Issue Date: 2016-03-10
CVE Numbers: CVE-2016-0729
--

It was discovered that the Xerces-C XML parser did not properly process
certain XML input. By providing specially crafted XML data to an
application using Xerces-C for XML processing, a remote attacker could
exploit this flaw to cause an application crash or, possibly, execute
arbitrary code with the privileges of the application. (CVE-2016-0729)

After installing the update, all applications using Xerces-C must be
restarted for the update to take effect.
--

SL7
 x86_64
 xerces-c-3.1.1-8.el7_2.i686.rpm
 xerces-c-3.1.1-8.el7_2.x86_64.rpm
 xerces-c-debuginfo-3.1.1-8.el7_2.i686.rpm
 xerces-c-debuginfo-3.1.1-8.el7_2.x86_64.rpm
 xerces-c-devel-3.1.1-8.el7_2.i686.rpm
 xerces-c-devel-3.1.1-8.el7_2.x86_64.rpm
 noarch
 xerces-c-doc-3.1.1-8.el7_2.noarch.rpm

- Scientific Linux Development Team

Related News

Your message here