CVEs di riferimento:
CVE-2008-3281


Descrizione:
\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d Ubuntu Security Notice \u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d USN-640-1 settembre 03, 2008 libxml2 vulnerabilità CVE-2008-3281 \u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d \u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d un problema di protezione riguarda le seguenti release di Ubuntu: Ubuntu 6.06 LTS Ubuntu 7,04 Ubuntu 7,10 Ubuntu 8,04 LTS Questa consulenza si applica anche alle corrispondenti versioni di Kubuntu, Edubuntu e Xubuntu. Il problema può essere corretto aggiornando il proprio sistema alle seguenti versioni dei pacchetti: Ubuntu 6.06 LTS: libxml2 2.6.24.dfsg-1ubuntu1.2 Ubuntu 7.04: libxml2 2.6.27.dfsg-1ubuntu3.2 Ubuntu 7,10: libxml2 2.6.30. DFSG-2ubuntu1.2 Ubuntu 8,04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.1 In generale, un normale aggiornamento del sistema è sufficiente per effettuare i cambiamenti necessari. Dettagli seguire: Andreas Solberg scoperto che non libxml2 gestire entità ricorsive sicuro. Se una domanda legata contro libxml2 sono state effettuate a elaborare un documento XML creata appositamente, un attaccante remoto potrebbe esaurire le risorse della CPU del sistema, portando ad un denial of service.





Maggiori informazioni ...