It was found that when calling XML_Parse ahead of rand(), it causes the
pseudo random generator to generate non-random predictable numbers.
It was found that original fix for CVE-2012-0876 used too little
entropy for the hash initialization. This issue can be used to perform
a hash collision based denial of service attack.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
any | any | any | lib32-expat | < 2.1.1-3 | UNKNOWN |