oss-sec mailing list archives

Summer bug cleaning - some Hash DoS stuff


From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 08 Jul 2014 13:45:00 -0600

So in the spirit of cleaning out the fridge of mystery condiments I'm
going through a bunch of old/lower severity bugs that have been
lurking in our BZ. To start with some Hash DoS related stuff from 2012:

https://bugzilla.redhat.com/show_bug.cgi?id=787103
CVE-2012-0880 xml: xerces-c hash table collisions CPU usage DoS
(oCERT-2011-003)

https://bugzilla.redhat.com/show_bug.cgi?id=787104
CVE-2012-0881 xml: xerces-j2 hash table collisions CPU usage DoS
(oCERT-2011-003)

https://bugzilla.redhat.com/show_bug.cgi?id=787109
CVE-2012-0877 PyXML: hash table collisions CPU usage DoS (oCERT-2011-003)

Basically different code bases/etc, but all using poor hash
implementations.


- -- 
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993