[ubuntu/precise-updates] xerces-c 3.1.1-1+deb6u2build0.12.04.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Mar 1 00:58:14 UTC 2016
xerces-c (3.1.1-1+deb6u2build0.12.04.1) precise-security; urgency=medium
* fake sync from Debian
xerces-c (3.1.1-1+deb6u2) squeeze-lts; urgency=high
* Non-maintainer upload by the Squeeze LTS Team.
* Add CVE-2016-0729.patch patch.
Apache Xerces-C XML Parser Crashes on Malformed Input
The Xerces-C XML parser mishandles certain kinds of malformed
input documents, resulting in buffer overlows during processing
and error reporting. The overflows can manifest as a segmentation
fault or as memory corruption during a parse operation. The bugs
allow for a denial of service attack in many applications by an
unauthenticated attacker, and could conceivably result in remote
code execution.
Date: 2016-02-29 22:58:17.873598+00:00
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/xerces-c/3.1.1-1+deb6u2build0.12.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list