Ubuntu 12.04 LTS / 14.04 / 15.10 / 16.04 : expat vulnerability (USN-2983-1)
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Fuel for OpenStack |
Won't Fix
|
High
|
MOS Maintenance | ||
Bug Description
Ubuntu 12.04 LTS / 14.04 / 15.10 / 16.04 : expat vulnerability (USN-2983-1)
Synopsis :
The remote Ubuntu host is missing one or more security-related
patches.
Description :
Gustavo Grieco discovered that Expat incorrectly handled malformed XML
data. If a user or application linked against Expat were tricked into
opening a crafted XML file, an attacker could cause a denial of
service, or possibly execute arbitrary code. (CVE-2016-0718).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
Solution :
Update the affected lib64expat1 and / or libexpat1 packages.
ISO #353
http://
| Egor Kotko (ykotko) wrote | #1 |
| Changed in fuel: | |
| assignee: | Fuel Sustaining (fuel-sustaining-team) → MOS Linux (mos-linux) |
| Dmitry Teselkin (teselkin-d) wrote | #2 |
| Changed in fuel: | |
| assignee: | MOS Linux (mos-linux) → MOS Maintenance (mos-maintenance) |
| tags: |
added: area-linux removed: area-library |
| Changed in fuel: | |
| milestone: | 9.0 → 5.1.1-updates |
| status: | New → Confirmed |
| Alexey Stupnikov (astupnikov) wrote | #3 |
| Changed in fuel: | |
| status: | Confirmed → Won't Fix |
Ubuntu 14.04 should receive updated package from Canonical. We aren't maintaining expat package so there is nothing to do with 14.04.
Passing to mos-maintenance to deal with Ubuntu 12.04