RHSA-2009:1572: Moderate: 4Suite security update
The 4Suite package contains XML-related tools and libraries for Python,including 4DOM, 4XSLT, 4XPath, 4RDF, and 4XPointer.A buffer over-read flaw was found in the way 4Suite's XML parser handlesmalformed UTF-8 sequences when processing XML files. A specially-craftedXML file could cause applications using the 4Suite library to crash whileparsing the file. (CVE-2009-3720)Note: In Red Hat Enterprise Linux 3, this flaw only affects a non-defaultconfiguration of the 4Suite package: configurations where the beta versionof the cDomlette module is enabled.All 4Suite users should upgrade to this updated package, which contains abackported patch to correct this issue. After installing the updatedpackage, applications using the 4Suite XML-related tools and libraries mustbe restarted for the update to take effect.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2009:1572?
The severity of RHSA-2009:1572 is categorized as moderate.
What does the vulnerability RHSA-2009:1572 affect?
RHSA-2009:1572 affects the 4Suite package, specifically its XML-related tools and libraries.
How do I fix RHSA-2009:1572?
To fix RHSA-2009:1572, update the 4Suite package to the latest version provided by your vendor.
What types of flaws are addressed in RHSA-2009:1572?
RHSA-2009:1572 addresses a buffer over-read flaw in 4Suite's XML parser.
Can malformed UTF-8 sequences exploit RHSA-2009:1572?
Yes, malformed UTF-8 sequences can be used to exploit the vulnerability identified in RHSA-2009:1572.