{"affected":[{"ecosystem_specific":{"binaries":[{"libmxml1":"2.5-24.3.1","mxml":"2.5-24.3.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 11 SP4","name":"mxml","purl":"pkg:rpm/suse/mxml&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.5-24.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for mxml fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2016-4570, CVE-2016-4571: stack exhaustion parsing xml files using mxml (bsc#979205, bsc#979206)\n","id":"SUSE-SU-2017:3060-1","modified":"2017-11-23T16:16:41Z","published":"2017-11-23T16:16:41Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2017/suse-su-20173060-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/979205"},{"type":"REPORT","url":"https://bugzilla.suse.com/979206"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-4570"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-4571"}],"related":["CVE-2016-4570","CVE-2016-4571"],"summary":"Security update for mxml","upstream":["CVE-2016-4570","CVE-2016-4571"]}