Test Kennung:	1.3.6.1.4.1.25623.1.1.13.2016.359.01
Kategorie:	Slackware Local Security Checks
Titel:	Slackware: Security Advisory (SSA:2016-359-01)
Zusammenfassung:	The remote host is missing an update for the 'expat' package(s) announced via the SSA:2016-359-01 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'expat' package(s) announced via the SSA:2016-359-01 advisory. Vulnerability Insight: New expat packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/expat-2.2.0-i586-1_slack14.2.txz: Upgraded. This update fixes bugs and security issues: Multiple integer overflows in XML_GetBuffer. Fix crash on malformed input. Improve insufficient fix to CVE-2015-1283 / CVE-2015-2716. Use more entropy for hash initialization. Resolve troublesome internal call to srand. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'expat' package(s) on Slackware 13.0, Slackware 13.1, Slackware 13.37, Slackware 14.0, Slackware 14.1, Slackware 14.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-6702 BugTraq ID: 91483 http://www.securityfocus.com/bid/91483 Debian Security Information: DSA-3597 (Google Search) http://www.debian.org/security/2016/dsa-3597 https://security.gentoo.org/glsa/201701-21 http://www.openwall.com/lists/oss-security/2016/06/03/8 http://www.openwall.com/lists/oss-security/2016/06/04/1 http://www.ubuntu.com/usn/USN-3010-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-1283 BugTraq ID: 75973 http://www.securityfocus.com/bid/75973 Debian Security Information: DSA-3315 (Google Search) http://www.debian.org/security/2015/dsa-3315 Debian Security Information: DSA-3318 (Google Search) http://www.debian.org/security/2015/dsa-3318 https://security.gentoo.org/glsa/201603-09 RedHat Security Advisories: RHSA-2015:1499 http://rhn.redhat.com/errata/RHSA-2015-1499.html http://www.securitytracker.com/id/1033031 SuSE Security Announcement: SUSE-SU-2016:1508 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html SuSE Security Announcement: SUSE-SU-2016:1512 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html SuSE Security Announcement: openSUSE-SU-2015:1287 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html SuSE Security Announcement: openSUSE-SU-2016:1441 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html SuSE Security Announcement: openSUSE-SU-2016:1523 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html http://www.ubuntu.com/usn/USN-2726-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-2716 BugTraq ID: 74611 http://www.securityfocus.com/bid/74611 Debian Security Information: DSA-3260 (Google Search) http://www.debian.org/security/2015/dsa-3260 Debian Security Information: DSA-3264 (Google Search) http://www.debian.org/security/2015/dsa-3264 https://security.gentoo.org/glsa/201605-06 RedHat Security Advisories: RHSA-2015:0988 http://rhn.redhat.com/errata/RHSA-2015-0988.html RedHat Security Advisories: RHSA-2015:1012 http://rhn.redhat.com/errata/RHSA-2015-1012.html SuSE Security Announcement: SUSE-SU-2015:0960 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html SuSE Security Announcement: SUSE-SU-2015:0978 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html SuSE Security Announcement: openSUSE-SU-2015:0892 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html SuSE Security Announcement: openSUSE-SU-2015:0934 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html SuSE Security Announcement: openSUSE-SU-2015:1266 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://www.ubuntu.com/usn/USN-2602-1 http://www.ubuntu.com/usn/USN-2603-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-0718 1036348 http://www.securitytracker.com/id/1036348 1036415 http://www.securitytracker.com/id/1036415 1037705 http://www.securitytracker.com/id/1037705 20170227 CVE-2016-9892 - Remote Code Execution as Root via ESET Endpoint Antivirus 6 http://seclists.org/fulldisclosure/2017/Feb/68 90729 http://www.securityfocus.com/bid/90729 APPLE-SA-2016-07-18-1 http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html DSA-3582 http://www.debian.org/security/2016/dsa-3582 GLSA-201701-21 RHSA-2016:2824 http://rhn.redhat.com/errata/RHSA-2016-2824.html RHSA-2018:2486 https://access.redhat.com/errata/RHSA-2018:2486 SUSE-SU-2016:1508 SUSE-SU-2016:1512 USN-2983-1 http://www.ubuntu.com/usn/USN-2983-1 USN-3044-1 http://www.ubuntu.com/usn/USN-3044-1 [oss-security] 20160517 CVE-2016-0718: Expat XML Parser Crashes on Malformed Input http://www.openwall.com/lists/oss-security/2016/05/17/12 http://packetstormsecurity.com/files/141350/ESET-Endpoint-Antivirus-6-Remote-Code-Execution.html http://support.eset.com/ca6333/ http://www.mozilla.org/security/announce/2016/mfsa2016-68.html http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html https://bugzilla.mozilla.org/show_bug.cgi?id=1236923 https://bugzilla.redhat.com/show_bug.cgi?id=1296102 https://kc.mcafee.com/corporate/index?page=content&id=SB10365 https://source.android.com/security/bulletin/2016-11-01.html https://support.apple.com/HT206903 https://www.tenable.com/security/tns-2016-20 openSUSE-SU-2016:1441 openSUSE-SU-2016:1523 openSUSE-SU-2016:1964 http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html openSUSE-SU-2016:2026 http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html Common Vulnerability Exposure (CVE) ID: CVE-2016-4472 91528 http://www.securityfocus.com/bid/91528 USN-3013-1 http://www.ubuntu.com/usn/USN-3013-1 https://bugzilla.redhat.com/show_bug.cgi?id=1344251 https://sourceforge.net/p/expat/code_git/ci/f0bec73b018caa07d3e75ec8dd967f3785d71bde Common Vulnerability Exposure (CVE) ID: CVE-2016-5300 BugTraq ID: 91159 http://www.securityfocus.com/bid/91159 https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E http://www.openwall.com/lists/oss-security/2016/06/04/4 http://www.openwall.com/lists/oss-security/2016/06/04/5
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.