MDVSA-2009:316 -- Mandriva expatID: oval:org.secpod.oval:def:300484 | Date: (C)2012-01-07 (M)2024-02-19 |
Class: PATCH | Family: unix |
A vulnerability has been found and corrected in expat: The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720 . Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides a solution to these vulnerabilities.
Platform: |
Mandriva Linux 2010.0 |
Mandriva Linux 2009.0 |
Mandriva Linux 2009.1 |
Mandriva Linux 2008.0 |