Debian Bug report logs - #551936
expat: CVE-2009-2625
Package: expat
Maintainer for expat is Laszlo Boszormenyi (GCS) <gcs@debian.org>; Source for expat is src:expat
Reported by: Michael Gilbert <michaelsgilbert@gmail.com>
Date: Wed, 21 Oct 2009 22:45:01 UTC
Severity: serious
Tags: security
...
Debian Bug report logs - #560901
expat: CVE-2009-3560
Package: expat
Maintainer for expat is Laszlo Boszormenyi (GCS) <gcs@debian.org>; Source for expat is src:expat
Reported by: Michael Gilbert <michaelsgilbert@gmail.com>
Date: Sun, 13 Dec 2009 01:48:05 UTC
Severity: serious
Tags: security
...
Peter Valchev discovered an error in expat, an XML parsing C library,
when parsing certain UTF-8 sequences, which can be exploited to crash an
application using the library.
For the old stable distribution (etch), this problem has been fixed in
version 1958-34+etch1.
For the stable distribution (lenny), this problem has been fixed in
version 20 ...
Synopsis
Critical: java-1.5.0-sun security update
Type/Severity
Security Advisory: Critical
Topic
Updated java-1.5.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by t ...
Synopsis
Critical: java-1.6.0-sun security update
Type/Severity
Security Advisory: Critical
Topic
Updated java-1.6.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by t ...
Synopsis
Moderate: jasperreports-server-pro security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An updated jasperreports-server-pro package that fixes one security issue and various bugs is now available. The Red Hat Security Response Team has rated this update as having moderate securi ...
Synopsis
Important: java-1.6.0-openjdk security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Updated java-1.6.0-openjdk packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by ...
Synopsis
Low: Red Hat Network Satellite Server IBM Java Runtime security update
Type/Severity
Security Advisory: Low
Topic
Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Network Satellite Server 5.3. This update has been rated as having low security impact by th ...
USN-890-1 fixed vulnerabilities in Expat. This update provides the
corresponding updates for the PyExpat module in Python 2.4 ...
USN-890-1 fixed vulnerabilities in Expat. This update provides the
corresponding updates for XML-RPC for C and C++ ...
USN-890-1 fixed vulnerabilities in Expat. This update provides the
corresponding updates for the PyExpat module in Python 2.5 ...
Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did
not properly process malformed XML. If a user or application linked against
Expat were tricked into opening a crafted XML file, an attacker could cause
a denial of service via application crash (CVE-2009-2625, CVE-2009-3720) ...
It was discovered that the XML HMAC signature system did not
correctly check certain lengths. If an attacker sent a truncated
HMAC, it could bypass authentication, leading to potential privilege
escalation (CVE-2009-0217) ...
USN-890-1 fixed vulnerabilities in Expat. This update provides the
corresponding updates for CMake ...
USN-890-1 fixed vulnerabilities in Expat. This update provides the
corresponding updates for PyXML ...