FEDORA-2016-0a061f6dd9

security update in Fedora 24 for mingw-xerces-c

Status: stable 2 years ago

MinGW cross compiled xerces-c 3.1.4, fixing CVE-2016-0729, CVE-2016-2099 and CVE-2016-4463

How to install

sudo dnf upgrade --advisory=FEDORA-2016-0a061f6dd9

Comments 6

This update has been submitted for testing by kalev.

This update has been pushed to testing.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+1
stable threshold: 1
unstable threshold: -3
Autopush
Enabled
Dates
submitted 2 years ago
in testing 2 years ago
in stable 2 years ago

Related Bugs 6

00 #1310699 CVE-2016-2099 xerces-c: Use-after-free in heap on specially crafted XML input
00 #1312231 CVE-2016-0729 xerces-c: parser crashes on malformed input
00 #1312233 CVE-2016-0729 mingw-xerces-c: xerces-c: parser crashes on malformed input [fedora-all]
00 #1334687 CVE-2016-2099 mingw-xerces-c: xerces-c: Use-after-free in heap on specially crafted XML input [fedora-all]
00 #1348845 CVE-2016-4463 xerces-c: Stack overflow when parsing deeply nested DTD
00 #1351468 CVE-2016-4463 mingw-xerces-c: xerces-c: Stack overflow when parsing deeply nested DTD [fedora-all]

Automated Test Results