xerces-c-3.1.1-9.el7
エラータID: AXSA:2019-3675:01
Xerces-C is a validating XML parser written in a portable subset of C . Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents.
Security Fix(es):
* xerces-c: Stack overflow when parsing deeply nested DTD (CVE-2016-4463)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Asianux Server 7.6 Release Notes linked from the References section.
CVE-2016-4463
Stack-based buffer overflow in Apache Xerces-C before 3.1.4 allows
context-dependent attackers to cause a denial of service via a deeply
nested DTD.
Update packages.
Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.
N/A
SRPMS
- xerces-c-3.1.1-9.el7.src.rpm
MD5: 4de00c71c6e2bf098cad19825f6caf34
SHA-256: b7ca389b8a2ddbaa0a82b2d3e83bcb53e1553555fe63de1bb0ca2d4b831c0e5f
Size: 4.80 MB
Asianux Server 7 for x86_64
- xerces-c-3.1.1-9.el7.x86_64.rpm
MD5: c80e743bbf01cb01103bd80dae55091b
SHA-256: 9c967b983b2120ffa1a217feb10d1218210cf966dd6b6fbe924a8119c087d0c0
Size: 877.60 kB - xerces-c-3.1.1-9.el7.i686.rpm
MD5: 9500b66b010394a3312ae01ac3eada76
SHA-256: 5b5524e0d2f9ffb8ad5f0212e08ca8f3e82040e8ae23a73499299102b040a112
Size: 887.70 kB