Univention Bugzilla – Full Text Bug Listing

| Field | Value | Field | Value |
|---|---|---|---|
| Summary: | xerces-c: Denial of service (4.1) | | |
| Product: | UCS | Reporter: | Arvid Requate <requate> |
| Component: | Security updates | Assignee: | Janek Walkenhorst <walkenhorst> |
| Status: | CLOSED FIXED | QA Contact: | Arvid Requate <requate> |
| Severity: | normal | | |
| Priority: | P2 | CC: | gohmann |
| Version: | UCS 4.1 | Flags: | requate: Patch_Available+ |
| Target Milestone: | UCS 4.1-3-errata | | |
| Hardware: | Other | | |
| OS: | Linux | | |
| What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
| Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
| User Pain: | | Enterprise Customer affected?: | |
| School Customer affected?: | | ISV affected?: | |
| Waiting Support: | | Flags outvoted (downgraded) after PO Review: | |
| Ticket number: | | Bug group (optional): | Security |
| Max CVSS v3 score: | | | |
Description
Arvid Requate
2015-04-07 14:43:12 CEST
Fixed in upstream Debian package version 3.1.1-3+deb7u1

Fixed in upstream Debian package version 3.1.1-3+deb7u2:
* Apache Xerces-C XML Parser Crashes on Malformed Input (CVE-2016-0729)

Fixed in upstream Debian package version 3.1.1-3+deb7u3:
* Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier does not properly handle exceptions raised in the XMLReader class, which allows context-dependent attackers to have unspecified impact via an invalid character in an XML document. (CVE-2016-2099)

Package : xerces-c
Version : 3.1.1-3+deb7u4
CVE ID : CVE-2016-4463
Debian Bug : 828990

Brandon Perry discovered that xerces-c, a validating XML parser library for C++, fails to successfully parse a DTD that is deeply nested, causing a stack overflow. A remote unauthenticated attacker can take advantage of this flaw to cause a denial of service against applications using the xerces-c library.

Additionally this update includes an enhancement to enable applications to fully disable DTD processing through the use of an environment variable (XERCES_DISABLE_DTD).

For Debian 7 "Wheezy", these problems have been fixed in version 3.1.1-3+deb7u4.

Tests (i386): OK

Advisory: xerces-c.yaml

Verified:
* 3.1.1-3+deb7u4 imported and built
* No UCS patches
* Package update Ok (amd64) (tested with open-vm-tools)
* Advisory Ok
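As an added defender-side illustration (not code from the bug report, Debian or the xerces-c project), the following Python pre-parse gate measures how deeply the parenthesised groups in a document's internal DTD subset nest and rejects the document before it reaches a DTD-processing parser. That nesting pattern and the limit of 100 are assumptions made for this example; the actual crash input behind CVE-2016-4463 is not reproduced here.

```python
import re

# Assumed threshold for this example; legitimate content models rarely
# nest more than a handful of levels deep.
DEPTH_LIMIT = 100

_INTERNAL_SUBSET = re.compile(r"<!DOCTYPE[^\[>]*\[(.*?)\]\s*>", re.S)
_ELEMENT_DECL = re.compile(r"<!ELEMENT\b(.*?)>", re.S)


def max_content_model_depth(doc: str) -> int:
    """Deepest nesting of parenthesised groups in the <!ELEMENT> declarations
    of the internal DTD subset; 0 when the document has no internal subset."""
    m = _INTERNAL_SUBSET.search(doc)
    if not m:
        return 0
    deepest = 0
    for decl in _ELEMENT_DECL.findall(m.group(1)):
        depth = 0
        for ch in decl:
            if ch == "(":
                depth += 1
                deepest = max(deepest, depth)
            elif ch == ")":
                depth = max(depth - 1, 0)  # tolerate unbalanced input
    return deepest


def dtd_is_acceptable(doc: str, limit: int = DEPTH_LIMIT) -> bool:
    """Gate to run on untrusted XML before handing it to the real parser."""
    return max_content_model_depth(doc) <= limit


def build_sample(depth: int) -> str:
    """Constructed sample document whose content model nests `depth` groups."""
    model = "(" * depth + "b" + ")" * depth
    return ('<?xml version="1.0"?>\n'
            f"<!DOCTYPE a [\n<!ELEMENT a {model}>\n<!ELEMENT b (#PCDATA)>\n]>\n"
            "<a><b>x</b></a>\n")


if __name__ == "__main__":
    for d in (3, 5000):
        sample = build_sample(d)
        print(d, max_content_model_depth(sample), dtd_is_acceptable(sample))
```

The check only inspects the internal subset; a DTD pulled in through an external identifier is not examined, so where an application does not need DTDs at all, the XERCES_DISABLE_DTD switch shipped with the fixed package is the stronger control.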