Test ID:	1.3.6.1.4.1.25623.1.1.13.2021.143.01
Category:	Slackware Local Security Checks
Title:	Slackware: Security Advisory (SSA:2021-143-01)
Summary:	The remote host is missing an update for the 'expat' package(s) announced via the SSA:2021-143-01 advisory.
Description:	Summary: The remote host is missing an update for the 'expat' package(s) announced via the SSA:2021-143-01 advisory. Vulnerability Insight: New expat packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/expat-2.4.1-i586-1_slack14.2.txz: Upgraded. This update provides new mitigations against the 'billion laughs' denial of service attack. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'expat' package(s) on Slackware 14.0, Slackware 14.1, Slackware 14.2, Slackware current. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-0340 1028213 http://securitytracker.com/id?1028213 20210921 APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15 http://seclists.org/fulldisclosure/2021/Sep/33 20210921 APPLE-SA-2021-09-20-2 watchOS 8 http://seclists.org/fulldisclosure/2021/Sep/34 20210921 APPLE-SA-2021-09-20-3 tvOS 15 http://seclists.org/fulldisclosure/2021/Sep/35 20210921 APPLE-SA-2021-09-20-6 Additional information for APPLE-SA-2021-09-13-1 iOS 14.8 and iPadOS 14.8 http://seclists.org/fulldisclosure/2021/Sep/38 20210921 APPLE-SA-2021-09-20-7 Additional information for APPLE-SA-2021-09-13-3 macOS Big Sur 11.6 http://seclists.org/fulldisclosure/2021/Sep/39 20210921 APPLE-SA-2021-09-20-8 Additional information for APPLE-SA-2021-09-13-4 Security Update 2021-005 Catalina http://seclists.org/fulldisclosure/2021/Sep/40 20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8 http://seclists.org/fulldisclosure/2021/Oct/62 20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15 http://seclists.org/fulldisclosure/2021/Oct/63 20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15 http://seclists.org/fulldisclosure/2021/Oct/61 58233 http://www.securityfocus.com/bid/58233 90634 http://www.osvdb.org/90634 GLSA-201701-21 https://security.gentoo.org/glsa/201701-21 [announce] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs https://lists.apache.org/thread.html/r41eca5f4f09e74436cbb05dec450fc2bef37b5d3e966aa7cc5fada6d%40%3Cannounce.apache.org%3E [openoffice-users] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs https://lists.apache.org/thread.html/rfb2c193360436e230b85547e85a41bea0916916f96c501f5b6fc4702%40%3Cusers.openoffice.apache.org%3E [oss-security] 20130221 CVEs for libxml2 and expat internal and external XML entity expansion http://openwall.com/lists/oss-security/2013/02/22/3 [oss-security] 20130413 Re-evaluating expat/libxml2 CVE assignments http://www.openwall.com/lists/oss-security/2013/04/12/6 [oss-security] 20211007 CVE-2021-40439: Apache OpenOffice: Billion Laughs http://www.openwall.com/lists/oss-security/2021/10/07/4 https://support.apple.com/kb/HT212804 https://support.apple.com/kb/HT212805 https://support.apple.com/kb/HT212807 https://support.apple.com/kb/HT212814 https://support.apple.com/kb/HT212815 https://support.apple.com/kb/HT212819
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.