Univention Bugzilla – Bug 38207
xerces-c: Denial of service (4.1)
Last modified: 2017-10-26 13:53:57 CEST
Denial of service in internal/XMLReader.cpp via crafted XML data (CVE-2015-0252)
Fixed in upstream Debian package version 3.1.1-3+deb7u1
Fixed in upstream Debian package version 3.1.1-3+deb7u2:
* Apache Xerces-C XML Parser Crashes on Malformed Input (CVE-2016-0729)
Fixed in upstream Debian package version 3.1.1-3+deb7u3:
* Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier does not properly handle exceptions raised in the XMLReader class, which allows context-dependent attackers to have unspecified impact via an invalid character in an XML document. (CVE-2016-2099)
Package : xerces-c
Version : 3.1.1-3+deb7u4
CVE ID : CVE-2016-4463
Debian Bug : 828990

Brandon Perry discovered that xerces-c, a validating XML parser library for C++, fails to successfully parse a DTD that is deeply nested, causing a stack overflow. A remote unauthenticated attacker can take advantage of this flaw to cause a denial of service against applications using the xerces-c library.

Additionally this update includes an enhancement to enable applications to fully disable DTD processing through the use of an environment variable (XERCES_DISABLE_DTD).

For Debian 7 "Wheezy", these problems have been fixed in version 3.1.1-3+deb7u4.
Tests (i386): OK
Advisory: xerces-c.yaml
Verified:
* 3.1.1-3+deb7u4 imported and built
* No UCS patches
* Package update Ok (amd64) (tested with open-vm-tools)
* Advisory Ok
<http://errata.software-univention.de/ucs/4.1/242.html>