Debian Security Advisory

DLA-433-1 xerces-c -- LTS security update

Date Reported:: 25 Feb 2016
Affected Packages:: xerces-c
Vulnerable:: Yes
Security database references:: In Mitre's CVE dictionary: CVE-2016-0729.
More information:: Gustavo Grieco discovered that xerces-c, a validating XML parser library for C++, mishandles certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. These flaws could lead to a denial of service in applications using the xerces-c library, or potentially, to the execution of arbitrary code.

This page is also available in the following languages:

How to set the default document language

To report a problem with the web site, please e-mail our publicly archived mailing list debian-www@lists.debian.org in English. For other contact information, see the Debian contact page. Web site source code is available.

Last Modified: Sat, Feb 9 04:52:41 UTC 2019 Last Built: Sun, Aug 2 07:38:29 UTC 2020
Copyright © 2016-2020 SPI and others; See license terms
Debian is a registered trademark of Software in the Public Interest, Inc.