expat (SL6, SL7)

Synopsis: Moderate: expat security update
Advisory ID: SLSA-2016:2824-1
Issue Date: 2016-11-28
CVE Numbers: CVE-2016-0718

Security Fix(es):

* An out-of-bounds read flaw was found in the way Expat processed certain
input. A remote attacker could send specially crafted XML that, when
parsed by an application using the Expat library, would cause that
application to crash or, possibly, execute arbitrary code with the
permission of the user running the application. (CVE-2016-0718)

SL6
x86_64
expat-2.0.1-13.el6_8.i686.rpm
expat-2.0.1-13.el6_8.x86_64.rpm
expat-debuginfo-2.0.1-13.el6_8.i686.rpm
expat-debuginfo-2.0.1-13.el6_8.x86_64.rpm
expat-devel-2.0.1-13.el6_8.i686.rpm
expat-devel-2.0.1-13.el6_8.x86_64.rpm
i386
expat-2.0.1-13.el6_8.i686.rpm
expat-debuginfo-2.0.1-13.el6_8.i686.rpm
expat-devel-2.0.1-13.el6_8.i686.rpm
SL7
x86_64
expat-2.1.0-10.el7_3.i686.rpm
expat-2.1.0-10.el7_3.x86_64.rpm
expat-debuginfo-2.1.0-10.el7_3.i686.rpm
expat-debuginfo-2.1.0-10.el7_3.x86_64.rpm
expat-devel-2.1.0-10.el7_3.i686.rpm
expat-devel-2.1.0-10.el7_3.x86_64.rpm
expat-static-2.1.0-10.el7_3.i686.rpm
expat-static-2.1.0-10.el7_3.x86_64.rpm

– Scientific Linux Development Team