Oval Definition:oval:com.redhat.rhsa:def:20120410
Revision Date:2012-03-22Version:637
Title:RHSA-2012:0410: raptor security update (Important)
Description:Raptor provides parsers for Resource Description Framework (RDF) files.

  • An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-0037)

    Red Hat would like to thank Timothy D. Morgan of VSR for reporting this issue.

    All Raptor users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications linked against Raptor must be restarted for this update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2012-0037
    CVE-2012-0037
    RHSA-2012:0410
    RHSA-2012:0410-01
    RHSA-2012:0410-01
    Platform(s):Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • raptor is earlier than 0:1.4.18-5.el6_2.1
  • AND raptor is signed with Red Hat redhatrelease2 key
  • raptor-devel is earlier than 0:1.4.18-5.el6_2.1
  • AND raptor-devel is signed with Red Hat redhatrelease2 key
    • BACK