Wind River Support Network

HomeDefectsLIN5-20340
Fixed

LIN5-20340 : Security Advisory - libxml2 - CVE-2015-1819

Created: Apr 16, 2015    Updated: Dec 19, 2017
Resolved Date: May 7, 2015
Previous ID: LIN4-32498
Found In Version: 5.0.1.24
Fix Version: 5.0.1.26
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

CVE-2015-1819 Enforce the reader to run in constant memory
One of the operation on the reader could resolve entities leading to the classic expansion issue. Make sure the buffer used for xmlreader operation is bounded. Introduce a new allocation type for the buffers for this effect. 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819

Other Downloads


Live chat
Online