556424 – Regression in fix for CVE-2009-3560 [rhel-3]

Bug 556424 - Regression in fix for CVE-2009-3560 [rhel-3]

Summary: Regression in fix for CVE-2009-3560 [rhel-3]

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Enterprise Linux 3
Classification:	Red Hat
Component:	expat
Sub Component:
Version:	3.9
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	rc
Assignee:	Joe Orton
QA Contact:	Brian Brock
Docs Contact:
URL:
Whiteboard:
Depends On:	556415 556422
Blocks:
TreeView+	depends on / blocked

Reported:	2010-01-18 11:16 UTC by Tomas Hoger
Modified:	2018-11-14 17:50 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:	556422
Environment:
Last Closed:	2012-06-14 19:43:47 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Tomas Hoger 2010-01-18 11:16:42 UTC

+++ This bug was initially created as a clone of Bug #556422 +++

Description:
The fix for CVE-2009-3560 caused a regression.

Parsing some external DTD definitions now fails.

http://mail.libexpat.org/pipermail/expat-discuss/2009-December/002646.html

Version:
expat-1.95.8-8.3.el5_4.2

Same applies to EL4 and EL3 versions.

Note You need to log in before you can comment on or make changes to this bug.