SUSE-SU-2015:0597-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2015/suse-su-20150597-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:0597-1.json

JSON Data

https://api.test.osv.dev/v1/vulns/SUSE-SU-2015:0597-1

Related

CVE-2015-0252

Published

2015-03-09T14:57:17Z

Modified

2015-03-09T14:57:17Z

Summary

Security update for Xerces-C

Details

The Xerces-C XML parsing library was updated to fix mishandling certain kinds of malformed input documents, that could have resulted in a segmentation faults during a parse operation, leading to denial of service or potential code execution. (bnc#920810,CVE-2015-0252)

References

Affected packages

SUSE:Linux Enterprise Desktop 12 / xerces-c

Package

Name: xerces-c
Purl: pkg:rpm/suse/xerces-c&distro=SUSE%20Linux%20Enterprise%20Desktop%2012

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.1.1-4.1

Ecosystem specific

{
    "binaries": [
        {
            "libxerces-c-3_1": "3.1.1-4.1",
            "libxerces-c-3_1-32bit": "3.1.1-4.1"
        }
    ]
}

SUSE:Linux Enterprise Workstation Extension 12 / xerces-c

Package

Name: xerces-c
Purl: pkg:rpm/suse/xerces-c&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.1.1-4.1

Ecosystem specific

{
    "binaries": [
        {
            "libxerces-c-3_1": "3.1.1-4.1",
            "libxerces-c-3_1-32bit": "3.1.1-4.1"
        }
    ]
}