LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

expat: denial of service

Package(s):expat CVE #(s):CVE-2009-3560
Created:December 7, 2009 Updated:February 11, 2011
Description:

From the Fedora advisory:

A buffer over-read flaw was found in the way Expat handles malformed UTF-8 sequences when processing XML files. A specially-crafted XML file could cause applications using Expat to crash while parsing the file. (CVE-2009-3560)

Alerts:
Slackware SSA:2011-041-03 2011-02-11
Slackware SSA:2011-041-02 2011-02-11
SUSE SUSE-SR:2010:015 2010-08-17
SUSE SUSE-SR:2010:014 2010-08-02
SuSE SUSE-SR:2010:012 2010-05-25
SuSE SUSE-SR:2010:011 2010-05-10
Ubuntu USN-890-6 2010-04-15
SuSE SUSE-SR:2010:013 2010-06-14
Ubuntu USN-890-4 2010-01-26
Debian DSA-1977-1 2010-01-25
Ubuntu USN-890-3 2010-01-22
Ubuntu USN-890-2 2010-01-21
Ubuntu USN-890-1 2010-01-20
SuSE SUSE-SR:2010:005 2010-02-23
SuSE SUSE-SR:2010:001 2010-01-19
Ubuntu USN-890-5 2010-02-18
SuSE SUSE-SR:2009:020 2010-01-12
Mandriva MDVSA-2009:316-3 2010-01-10
Mandriva MDVSA-2009:316-2 2010-01-09
Mandriva MDVSA-2009:316-1 2010-01-08
Debian DSA-1953-2 2009-12-31
Debian DSA-1953-1 2009-12-15
CentOS CESA-2009:1625 2009-12-08
CentOS CESA-2009:1625 2009-12-08
Red Hat RHSA-2009:1625-01 2009-12-07
Mandriva MDVSA-2009:316 2009-12-05
Fedora FEDORA-2009-12737 2009-12-04
Fedora FEDORA-2009-12716 2009-12-04
Fedora FEDORA-2009-12690 2009-12-04
Gentoo 201209-06 2012-09-24
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds