FEDORA-2016-0fd6ca526a

security update in Fedora 22 for expat

Status: stable 3 years ago

Security fixes for CVE-2016-4472, CVE-2016-5300, CVE-2016-0718 and CVE-2012-6702.

Comments 7

This update has been submitted for testing by jorton.

This update has been pushed to testing.

no regressions noted

karma: +1

Programs dependant on expat still work

karma: +1

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for stable by jorton.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+2
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 3 years ago
in testing 3 years ago
in stable 3 years ago

Related Bugs 5

00 #1197087 XML_Parse breaks rand() function
00 #1319732 CVE-2012-6702 expat: Using XML_Parse before rand() results into non-random output [fedora-all]
00 #1337116 CVE-2016-0718 expat: Out-of-bounds heap read on crafted input causing crash [fedora-all]
00 #1343086 CVE-2016-5300 expat: Little entropy used for hash initialization [fedora-all]
00 #1344252 CVE-2016-4472 expat: Undefined behavior and pointer overflows [fedora-all]

Automated Test Results