Wind River Support Network

HomeDefectsLIN8-8280

Fixed

LIN8-8280 : Security Advisory - libxml2 - CVE-2017-16931

Created: Nov 30, 2017 Updated: Dec 3, 2018

Resolved Date: Dec 8, 2017

Found In Version: 8.0.0.23

Fix Version: 8.0.0.24

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Userspace

Description

parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.

https://nvd.nist.gov/vuln/detail/CVE-2017-16931

Other Downloads

Wind River Linux 8.0.0.24
Wind River Linux 8.0.0.25
Wind River Linux 8.0.0.26
Wind River Linux 8.0.0.27
Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2017-16931