what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 3493-1

Debian Security Advisory 3493-1
Posted Feb 26, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3493-1 - Gustavo Grieco discovered that xerces-c, a validating XML parser library for C++, mishandles certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. These flaws could lead to a denial of service in applications using the xerces-c library, or potentially, to the execution of arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2016-0729
SHA-256 | 65b274c933d90cefe3382f57ce846303ac98c8a5232db435954e456e7b506eac

Debian Security Advisory 3493-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3493-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 25, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : xerces-c
CVE ID : CVE-2016-0729
Debian Bug : 815907

Gustavo Grieco discovered that xerces-c, a validating XML parser library
for C++, mishandles certain kinds of malformed input documents,
resulting in buffer overflows during processing and error reporting.
These flaws could lead to a denial of service in applications using the
xerces-c library, or potentially, to the execution of arbitrary code.

For the oldstable distribution (wheezy), this problem has been fixed
in version 3.1.1-3+deb7u2.

For the stable distribution (jessie), this problem has been fixed in
version 3.1.1-5.1+deb8u1.

We recommend that you upgrade your xerces-c packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWzySQAAoJEAVMuPMTQ89EcvMP/3rigLRWRzgO3Lxyxvfpj+Gi
Xy5kq4DwlPrl7MR4C5lV2Wi9pTzk4SOnTbjDe9vl5w8RF+RPirYD1p5miRAZcRn/
5dHY+q7R3RLEPbctdeM2pP2XE9VwDzhZKpZP/TewbL5gxJyjtpCZBhvWOxgkJTB2
LnZdG/LAqIswU3fbWui0QTn4I1nB9M94QYsf4tv7908wT1fZVn4LSMSsic0Uwa/G
y7ski8Kot2IQYCYUMDtddtRSm3s45bS4Z5NM6KMrga63XjpxUzl/tZ2wfn4jB0oD
za/PYLIHr0tW2xBqzmtuK6c+DwrDqNhn1GlBYUmphq0iPCR26nz3j/zjibmebhMd
uoQflO8zNaw2NixyvfjSBAgpeJGYAHD7QLCyBqs6lvdt5hyFvamkRkpBejASIRWk
hhwJ0uF/BhgjMylwl79DvMuUD/+YuMzAhcuvJ0iN4+upqAhMqlbq/f76eianvOEZ
NiWj+N1UT0BMG1oVnswl5PziBPXf9ux31V5OUZn8UUKysQBSpWGKYmaIIVSbzj6y
YRkulxEKlZIICc+i6rVY/W7/c0MnQ56/2t0SYoKHYVAlX2pqMn1rBDqCfKHMba3p
BnvPF8VO9Kpykv/xkXYkaF+V2RrAN22Ju6c5T67SS7raIaL7SJ/FuNuZ4s9IGhIQ
exUPEo22+MI9Uw/NVTv4
=X3xz
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close