Bug#560946: CVE-2009-3560 and CVE-2009-3720 denial-of-services
Mike Hommey
mh at glandium.org
Mon Dec 14 08:15:12 UTC 2009
On Sat, Dec 12, 2009 at 10:56:59PM -0500, Michael Gilbert wrote:
> package: xulrunner
> severity: serious
> tags: security
>
> Hi,
>
> The following CVE (Common Vulnerabilities & Exposures) ids were
> published for expat. I have determined that this package embeds a
> vulnerable copy of xmlparse.c and xmltok_impl.c. However, since this is
> a mass bug filing (due to so many packages embedding expat), I have
> not had time to determine whether the vulnerable code is actually
> present in any of the binary packages derived from this source package.
> Please determine whether this is the case. If the binary packages are
> not affected, please feel free to close the bug with a message
> containing the details of what you did to check.
>
> CVE-2009-3560[0]:
> | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1,
> | as used in the XML-Twig module for Perl, allows context-dependent
> | attackers to cause a denial of service (application crash) via an XML
> | document with malformed UTF-8 sequences that trigger a buffer
> | over-read, related to the doProlog function in lib/xmlparse.c, a
> | different vulnerability than CVE-2009-2625 and CVE-2009-3720.
More information about the pkg-mozilla-maintainers
mailing list