Refererte CVEs:
CVE-2008-3281, CVE-2008-3529


Beskrivelse:
\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d \u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d Ubuntu Security Notice USN-644-1 11. september 2008libxml2 vulnerabilitiesCVE-2008-3281, CVE-2008-3529 \u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d \u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d\u003d et sikkerhetsspørsmål påvirker følgende Ubuntu utgivelser: Ubuntu 6.06 LTSUbuntu 7.04Ubuntu 7.10Ubuntu 8.04 LTSThis rådgivende gjelder også tilsvarende versjoner ofKubuntu, Edubuntu og Xubuntu.The problemet kan rettes opp ved å oppgradere systemet til thefollowing pakke versjoner: Ubuntu 6.06 LTS: libxml2 2.6.24.dfsg-1ubuntu1. 3Ubuntu 7.04: libxml2 2.6.27.dfsg-1ubuntu3.3Ubuntu 7.10: libxml2 2.6.30.dfsg-2ubuntu1.3Ubuntu 8.04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.2In generelt en standard systemoppgradering er tilstrekkelig for å effekt thenecessary endringer . Detaljer følger: Det ble oppdaget at libxml2 ikke riktig håndtere lange enhet names.If brukeren ble lurt inn i behandlingen av en spesielt utformet XML-dokument, en ekstern angriper kan kjøre vilkårlig kode med brukeren privilegesor føre programmet knyttet mot libxml2 krasjer, ledende til adenial tjeneste. (CVE-2008-3529) USN-640-1 fast sårbarheter i libxml2. Når behandlingen extremelylarge XML-dokumenter med gyldig enheter, var det mulig å incorrectlytrigger den nye sårbarheten beskyttelse. Denne oppdateringen fixesthe problem. (CVE-2008-3281)





Mer ...