FEDORA-2016-7c6e7a9265

security update in Fedora 24 for expat

Status: stable 3 years ago

Security fixes for CVE-2016-4472, CVE-2016-5300, CVE-2016-0718 and CVE-2012-6702.

Comments 8

This update has been submitted for testing by jorton.

jorton edited this update.

This update has been pushed to testing.

Works great! LGTM! =)

karma: +1

no regressions noted

karma: +1

This update has been submitted for stable by bodhi.

looks good

karma: +1

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 3 years ago
in testing 3 years ago
in stable 3 years ago
modified 3 years ago

Related Bugs 5

00 #1197087 XML_Parse breaks rand() function
00 #1319732 CVE-2012-6702 expat: Using XML_Parse before rand() results into non-random output [fedora-all]
00 #1337116 CVE-2016-0718 expat: Out-of-bounds heap read on crafted input causing crash [fedora-all]
00 #1343086 CVE-2016-5300 expat: Little entropy used for hash initialization [fedora-all]
00 #1344252 CVE-2016-4472 expat: Undefined behavior and pointer overflows [fedora-all]

Automated Test Results