Univention Bugzilla – Bug 39421
expat: Multiple security vulnerabilities (4.1)
Last modified: 2017-10-26 13:53:58 CEST
This security issue is fixed in upstream Debian package version 2.1.0-1+deb7u2:
* Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0 allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data (CVE-2015-1283)

Upstream Debian package version 2.1.0-1+deb7u3 fixes this additional issue:
* Out-of-bounds heap read on crafted input causing crash or code execution (CVE-2016-0718)

Two additional issues have been fixed in the Jessie package version:
* unanticipated internal calls to srand (CVE-2012-6702)
* use of too little entropy (CVE-2016-5300)

Fixed in 2.1.0-1+deb7u4
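The CVE-2015-1283 entry above names XML_GetBuffer and "integer overflows" but does not show why an overflow there ends in a heap write. The following is an added illustration, not code from Expat, Debian or Univention: a reduced model of the size arithmetic in XML_GetBuffer in which the parser's buffer pointers are replaced by plain int byte counts (capacity, unparsed, len; all names and the 4 KiB sample values are constructed for this example). The vulnerable decision lets a wrapped negative sum pass the "fits in the allocation" test, so the caller is handed the old, small buffer and believes it may write `len` bytes into it. The hardened variant applies the two checks the fixed releases use: reject negative len, and reject any len whose sum with the unparsed bytes cannot be represented in an int, before that sum is ever compared against the allocation.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/*
 * Reduced model of the size computation in Expat's XML_GetBuffer()
 * (the function named in CVE-2015-1283). Expat tracks unparsed data with
 * pointers (bufferPtr, bufferEnd, bufferLim); this example uses plain int
 * byte counts so the arithmetic can be shown in isolation.
 *
 *   capacity: bytes in the current heap allocation
 *   unparsed: bytes already in the buffer that still have to be parsed
 *   len:      bytes the caller asks for room to append
 */

/* Two's-complement wrap of len + unparsed, done in unsigned arithmetic so
 * this demo itself contains no undefined signed overflow. The cast back to
 * int is implementation-defined but wraps on every mainstream compiler. */
static int needed_size_wrapped(int unparsed, int len)
{
    return (int)((unsigned int)len + (unsigned int)unparsed);
}

/* Decision taken by the unpatched logic (Expat <= 2.1.0, as modelled here):
 * if the sum fits in the allocation, hand back the existing buffer.
 * For a huge len the sum wraps negative, the comparison passes, and the
 * caller is told it may copy `len` bytes into `capacity` bytes of heap. */
bool vulnerable_keeps_existing_buffer(int capacity, int unparsed, int len)
{
    int needed = needed_size_wrapped(unparsed, len);
    return needed <= capacity;
}

/* Hardened request validation, following the approach of the fixed releases:
 * a negative len is an error, and so is any len whose sum with the unparsed
 * bytes would not fit in an int. Returns true when the request must be
 * refused (Expat reports XML_ERROR_NO_MEMORY and returns NULL). */
bool hardened_rejects_request(int unparsed, int len)
{
    if (len < 0)
        return true;
    if (len > INT_MAX - unparsed)
        return true;
    return false;
}

/* Hardened grow/keep decision; only meaningful once the request has passed
 * hardened_rejects_request(), after which len + unparsed cannot overflow. */
bool hardened_keeps_existing_buffer(int capacity, int unparsed, int len)
{
    if (hardened_rejects_request(unparsed, len))
        return false;
    int needed = len + unparsed;
    return needed <= capacity;
}

int main(void)
{
    /* Constructed scenario: a 4 KiB allocation holding 100 unparsed bytes. */
    const int capacity = 4096, unparsed = 100;
    const int lens[] = { 1000, 8000, INT_MAX, -1 };

    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++) {
        bool v   = vulnerable_keeps_existing_buffer(capacity, unparsed, lens[i]);
        bool rej = hardened_rejects_request(unparsed, lens[i]);
        bool h   = hardened_keeps_existing_buffer(capacity, unparsed, lens[i]);
        printf("len=%11d  vulnerable: %-12s hardened: %s\n", lens[i],
               v ? "keep buffer" : "grow buffer",
               rej ? "reject request" : (h ? "keep buffer" : "grow buffer"));
    }
    return 0;
}
```

With len = INT_MAX the vulnerable path prints "keep buffer": the wrapped sum is negative, so a 4096-byte allocation is returned for a caller that intends to write about 2 GiB into it. The hardened path refuses the request before any comparison, which is the behaviour the patched packages listed above provide.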
Advisory: expat.yaml
OK: errata-announce -V --only expat.yaml
OK: expat.yaml
OK: aptitude install '?source-package(expat)~i'
OK: aptitude install '?source-package(expat)'
OK: zless /usr/share/doc/expat/changelog.Debian.gz # 2.1.0-1+deb7u4
FYI: Also fixes CVE-2016-0719, which is =0718
OK: /usr/bin/xmlwf /var/lib/gconf/defaults/%gconf-tree.xml
<http://errata.software-univention.de/ucs/4.1/348.html>