-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-8305 2009-08-07 04:35:37 --------------------------------------------------------------------------------
Name : xerces-c27 Product : Fedora 10 Version : 2.7.0 Release : 8.fc10 URL : http://xml.apache.org/xerces-c/ Summary : Validating XML Parser Description : Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Xerces-C is faithful to the XML 1.0 recommendation and associated standards ( DOM 1.0, DOM 2.0. SAX 1.0, SAX 2.0, Namespaces). Note that this package contains Xerces-C++ 2.7.0 for compatibility with applications that cannot use a newer version. -------------------------------------------------------------------------------- Update Information: CVE-2009-1885 -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 6 2009 Peter Lemenkov <lemen...@gmail.com> 2.7.0-8 - Fix CVE-2009-1885 * Mon Jul 27 2009 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 2.7.0-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Thu Feb 26 2009 Fedora Release Engineering <rel-...@lists.fedoraproject.org> - 2.7.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Wed Jun 4 2008 Xavier Bachelot <xav...@bachelot.org> - 2.7.0-5 - Fix Source: url. -------------------------------------------------------------------------------- References: [ 1 ] Bug #515515 - CVE-2009-1885 xerces-c, xerces-c27: Stack overflow when parsing recursive XML structures https://bugzilla.redhat.com/show_bug.cgi?id=515515 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update xerces-c27' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce