[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2017:2492-01 -- Redhat xmlsec1

ID: oval:org.secpod.oval:def:502129Date: (C)2017-08-28   (M)2023-12-20
Class: PATCHFamily: unix




XML Security Library is a C library based on LibXML2 and OpenSSL. The library was created with a goal to support major XML security standards "XML Digital Signature" and "XML Encryption". Security Fix: * It was discovered xmlsec1"s use of libxml2 inadvertently enabled external entity expansion along with validation. An attacker could craft an XML file that would cause xmlsec1 to try and read local files or HTTP/FTP URLs, leading to information disclosure or denial of service

Platform:
Red Hat Enterprise Linux 7
Product:
xmlsec1
Reference:
RHSA-2017:2492-01
CVE-2017-1000061
CVE    1
CVE-2017-1000061
CPE    2
cpe:/o:redhat:enterprise_linux:7
cpe:/a:aleksey:xmlsec1

© SecPod Technologies