RedHat Security Advisory RHSA-2009:1572

The remote host is missing updates announced in advisory RHSA-2009:1572. The 4Suite package contains XML-related tools and libraries for Python, including 4DOM, 4XSLT, 4XPath, 4RDF, and 4XPointer. A buffer over-read flaw was found in the way 4Suite's XML parser handles malformed UTF-8 sequences when processing XML files. A specially-crafted XML file could cause applications using the 4Suite library to crash while parsing the file. (CVE-2009-3720) Note: In Red Hat Enterprise Linux 3, this flaw only affects a non-default configuration of the 4Suite package: configurations where the beta version of the cDomlette module is enabled. All 4Suite users should upgrade to this updated package, which contains a backported patch to correct this issue. After installing the updated package, applications using the 4Suite XML-related tools and libraries must be restarted for the update to take effect.
Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date