Wind River Support Network


LIN6-10671 : Security Advisory - expat - CVE-2015-1283

Created: Dec 22, 2015    Updated: Dec 3, 2018
Resolved Date: Dec 23, 2015
Previous ID: LIN4-33265
Found In Version:
Fix Version:
Severity: Critical
Applicable for: Wind River Linux 6
Component/s: Userspace


This is the descript of CVE-2015-1283:

wrlinux-mid-december-2015-security-bulletin.pdf sais this vunerability will not be fixed because wrlinux doesn't ship chrome.   But the vunerablility code is in expat.  I check the related file 'xmlparse.c' that also also the problem mentioned in

Please refer to the diff in the above link.  The customer requests the patch for expat.

Other Downloads

Live chat