| Release | Version |
|---|---|
| jessie | 3.1.1-5.1+deb8u6 |
| stretch | 3.1.4+debian-2+deb9u3 |
| stretch (security) | 3.1.4+debian-2+deb9u2 |
| buster | 3.2.2+debian-1+deb10u2 |
| bullseye | 3.2.3+debian-3+deb11u1 |
| bookworm | 3.2.4+debian-1 |
| trixie | 3.2.4+debian-1.3 |
| sid | 3.2.4+debian-1.3 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-1311 | vulnerable (no DSA, postponed) | fixed | fixed | fixed | fixed | fixed | fixed | The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-fre ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-0880 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Apache Xerces-C++ allows remote attackers to cause a denial of service ... |
| Bug | Description |
|---|---|
| CVE-2023-37536 | An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remo ... |
| CVE-2017-12627 | In Apache Xerces-C XML Parser library before 3.2.1, processing of exte ... |
| CVE-2016-4463 | Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows c ... |
| CVE-2016-2099 | Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apach ... |
| CVE-2016-0729 | Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLU ... |
| CVE-2015-0252 | internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote a ... |
| CVE-2009-1885 | Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Ap ... |
| DSA / DLA | Description |
|---|---|
| ELA-1031-1 | xerces-c - security update |
| DLA-3704-1 | xerces-c - security update |
| DSA-4814-1 | xerces-c - security update |
| DLA-2498-1 | xerces-c - security update |
| ELA-330-1 | xerces-c - security update |
| DLA-1328-1 | xerces-c - security update |
| DSA-3610-1 | xerces-c - security update |
| DLA-535-1 | xerces-c - security update |
| DSA-3579-1 | xerces-c - security update |
| DLA-467-1 | xerces-c - security update |
| DSA-3493-1 | xerces-c - security update |
| DLA-433-1 | xerces-c - security update |
| DLA-181-1 | xerces-c - security update |
| DSA-3199-1 | xerces-c - security update |