FS#44272 : [xerces-c] CVE-2015-0252: Apache Xerces-C XML Parser Crashes on Malformed Input

FS#44272 - [xerces-c] CVE-2015-0252: Apache Xerces-C XML Parser Crashes on Malformed Input

Attached to Project: Arch Linux
Opened by Remi Gacogne (rgacogne) - Friday, 20 March 2015, 09:06 GMT
Last edited by Doug Newgard (Scimmia) - Friday, 20 March 2015, 16:04 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	Florian Pritz (bluewind) Sven-Hendrik Haase (Svenstaro)
Architecture	All
Severity	High
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Hello,

A security issue has been found [1] in xerces-c < 3.1.2. I believe we should upgrade to 3.1.2.

[1] https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt

This task depends upon

Closed by Doug Newgard (Scimmia)
Friday, 20 March 2015, 16:04 GMT
Reason for closing: Fixed
Additional comments about closing: 3.1.2-1

Comment by Doug Newgard (Scimmia) - Friday, 20 March 2015, 15:20 GMT

Field changed: Status (Unconfirmed → Assigned)
Task assigned to Florian Pritz (bluewind), Sven-Hendrik Haase (Svenstaro)

Orphan. Assigning to bluewind because freecad needs it, and Svenstaro because megaglest needs it.

Comment by Levente Polyak (anthraxx) - Friday, 20 March 2015, 15:41 GMT

version 3.1.2 got synced to [extra] just in this moment, issue is therefor fixed

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#44272 - [xerces-c] CVE-2015-0252: Apache Xerces-C XML Parser Crashes on Malformed Input

Details

Loading...