RHSA-2009:1625 -- expat security update (Moderate)

oval:org.mitre.oval:def:29347

Updated expat packages that fix two security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Expat is a C library written by James Clark for parsing XML documents. Two buffer over-read flaws were found in the way Expat handled malformed UTF-8 sequences when processing XML files. A specially-crafted XML file could cause applications using Expat to crash while parsing the file. (CVE-2009-3560, CVE-2009-3720)

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 4
  • CentOS Linux 3
  • Red Hat Enterprise Linux 3
  • Red Hat Enterprise Linux 5
  • CentOS Linux 5
Class:
patch
Reference(s):
  • RHSA-2009:1625
  • CESA-2009:1625-CentOS 3
  • CESA-2009:1625-CentOS 5
  • CVE-2009-3560
  • CVE-2009-3720
Product(s):
  • expat