Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 08 Mar 2012 22:09:44 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: expat 2.1.0beta fixes 5 Denial of Service attacks,
 CVE's/details inside

A link would have been helpful. Derp.

http://sourceforge.net/projects/expat/files/expat/2.1.0/

On 03/08/2012 10:01 PM, Kurt Seifried wrote:
> So expat is releasing an update (2.0.1 -> 2.1.0) which is the first one
> in a while (which is a testament to the stability and reliability of
> expat). If you want to help Karl Waclawek (karl@...lawek.net), the
> author of expat out (and by extension pretty much everyone using Open
> Source that parses xml using expat which is a lot of stuff), please test
> the 2.1.0beta and send him feedback (works, doesn't work, etc.). Two of
> the issues were already assigned CVE's back in 2009, the rest got 2012
> because that where we are now.
> 
> Changes in Expat 2.1.0beta:
> 
> #2895533: CVE-2012-1147 - Resource leak in readfilemap.c.
> http://mail.python.org/pipermail/expat-bugs/2009-November/002858.html
> http://sourceforge.net/tracker/?func=detail&aid=2895533&group_id=10127&atid=110127
> https://bugzilla.redhat.com/show_bug.cgi?id=801634
> 
> #1990430: CVE-2009-3720 - Parser crash with specially formatted UTF-8
> sequences.
> http://mail.python.org/pipermail/expat-bugs/2009-January/002781.html
> http://sourceforge.net/tracker/?func=detail&atid=110127&aid=1990430&group_id=10127
> https://bugzilla.redhat.com/show_bug.cgi?id=531697
> 
> #2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8().
> http://mail.python.org/pipermail/expat-bugs/2009-November/002846.html
> http://sourceforge.net/tracker/?func=detail&atid=110127&aid=2894085&group_id=10127
> https://bugzilla.redhat.com/show_bug.cgi?id=533174
> 
> #2958794: CVE-2012-1148 - Memory leak in poolGrow.
> http://mail.python.org/pipermail/expat-bugs/2010-February/002870.html
> http://sourceforge.net/tracker/?func=detail&atid=110127&aid=2958794&group_id=10127
> https://bugzilla.redhat.com/show_bug.cgi?id=801648
> 
> #3496608: CVE-2012-0876 - Hash DOS attack.
> http://blog.gmane.org/gmane.text.xml.expat.bugs/month=20120301
> http://sourceforge.net/tracker/?func=detail&atid=110127&aid=3496608&group_id=10127
> https://bugzilla.redhat.com/show_bug.cgi?id=786617
> 
> 


-- 
Kurt Seifried Red Hat Security Response Team (SRT)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.