The UNIX and Linux Forums  

Go Back   The UNIX and Linux Forums > Special Forums > Security > Security Advisories (RSS)
USN-673-1: libxml2 vulnerabilities USN-673-1: libxml2 vulnerabilities
.
google unix.com

Forums Casino Register Forum RulesLinksAlbums FAQ Members List Search Today's Posts Mark Forums Read


Security Advisories (RSS) UNIX and Linux Security Advisories Via RSS News

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
T-019: libxml2 Vulnerability iBot Security Advisories (RSS) 0 11-13-2008 09:10 PM
USN-644-1: libxml2 vulnerabilities iBot Security Advisories (RSS) 0 09-11-2008 06:40 PM
USN-640-1: libxml2 vulnerability iBot Security Advisories (RSS) 0 09-03-2008 07:20 PM
USN-569-1: libxml2 vulnerability iBot Security Advisories (RSS) 0 01-14-2008 07:40 PM
libxml2 munna_dude High Level Programming 2 04-26-2007 11:49 PM

Reply
 
Submit Tools LinkBack Thread Tools Search this Thread Rate Thread Display Modes
  #1 (permalink)  
Old 11-18-2008
iBot's Avatar
Forum Robot Girl
  

Join Date: Sep 2000
Posts: 20,502
USN-673-1: libxml2 vulnerabilities
Referenced CVEs:
CVE-2008-4225, CVE-2008-4226


Description:
===========================================================Ubuntu Security Notice USN-673-1 November 19, 2008libxml2 vulnerabilitiesCVE-2008-4225, CVE-2008-4226===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSUbuntu 7.10Ubuntu 8.04 LTSUbuntu 8.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: libxml2 2.6.24.dfsg-1ubuntu1.4Ubuntu 7.10: libxml2 2.6.30.dfsg-2ubuntu1.4Ubuntu 8.04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.3Ubuntu 8.10: libxml2 2.6.32.dfsg-4ubuntu1.1After a standard system upgrade you need to restart your sessions to effectthe necessary changes.Details follow:Drew Yao discovered that libxml2 did not correctly handle certain corruptXML documents. If a user or automated system were tricked into processinga malicious XML document, a remote attacker could cause applicationslinked against libxml2 to enter an infinite loop, leading to a denialof service. (CVE-2008-4225)Drew Yao discovered that libxml2 did not correctly handle large memoryallocations. If a user or automated system were tricked into processing avery large XML document, a remote attacker could cause applications linkedagainst libxml2 to crash, leading to a denial of service. (CVE-2008-4226)





More...
Reply With Quote
Google The UNIX and Linux Forums
Sponsored Links
Reply

Bookmarks

Edit Tags
Tags
None

« Mandriva: Subject: [Security Announce] [ MDVSA-2008:230 ] firefox | Mandriva: Subject: [Security Announce] [ MDVSA-2008:231 ] libxml2 »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Linear Mode Linear Mode
Rate This Thread:




All times are GMT -4. The time now is 09:18 PM.

The UNIX and Linux Forums - Learn UNIX and UNIX Commands RSS Feeds - Contact Us - The UNIX and Linux Forums - Learn UNIX and UNIX Commands - Archive - Top

Powered by: vBulletin, Copyright ©2000 - 2006, Jelsoft Enterprises Limited.
vBCredits v1.4 Copyright ©2007 - 2008, PixelFX Studios
The UNIX and Linux Forums Content Copyright ©1993-2009. All Rights Reserved.Ad Management by RedTyger

Content Relevant URLs by vBSEO 3.2.0

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66