Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-640-1: libxml2 vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-640-1: libxml2 vulnerability
# 1  
Old 09-03-2008
USN-640-1: libxml2 vulnerability
Referenced CVEs:
CVE-2008-3281


Description:
=========================================================== Ubuntu Security Notice USN-640-1 September 03, 2008 libxml2 vulnerability CVE-2008-3281 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libxml2 2.6.24.dfsg-1ubuntu1.2 Ubuntu 7.04: libxml2 2.6.27.dfsg-1ubuntu3.2 Ubuntu 7.10: libxml2 2.6.30.dfsg-2ubuntu1.2 Ubuntu 8.04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Andreas Solberg discovered that libxml2 did not handle recursive entities safely. If an application linked against libxml2 were made to process a specially crafted XML document, a remote attacker could exhaust the system's CPU resources, leading to a denial of service.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT CENTOS

xml::libxml::regexp

XML::LibXML::RegExp(3)					User Contributed Perl Documentation				    XML::LibXML::RegExp(3)

NAME

       XML::LibXML::RegExp - XML::LibXML::RegExp - interface to libxml2 regular expressions

SYNOPSIS

	 use XML::LibXML;
	 my $compiled_re = XML::LibXML::RegExp->new('[0-9]{5}(-[0-9]{4})?');
	 if ($compiled_re->isDeterministic()) { ... }
	 if ($compiled_re->matches($string)) { ... }

	 $compiled_re = XML::LibXML::RegExp->new( $regexp_str );
	 $bool = $compiled_re->matches($string);
	 $bool = $compiled_re->isDeterministic();

DESCRIPTION

       This is a perl interface to libxml2's implementation of regular expressions, which are used e.g. for validation of XML Schema simple types
       (pattern facet).

       new()
	     $compiled_re = XML::LibXML::RegExp->new( $regexp_str );

	   The constructor takes a string containing a regular expression and returns a compiled regexp object.

       matches($string)
	     $bool = $compiled_re->matches($string);

	   Given a string value, returns a true value if the value is matched by the compiled regular expression.

       isDeterministic()
	     $bool = $compiled_re->isDeterministic();

	   Returns a true value if the regular expression is deterministic; returns false otherwise. (See the definition of determinism in the XML
	   spec (<http://www.w3.org/TR/REC-xml/#determinism>))

AUTHORS

       Matt Sergeant, Christian Glahn, Petr Pajas

VERSION

       2.0018

COPYRIGHT

       2001-2007, AxKit.com Ltd.

       2002-2006, Christian Glahn.

       2006-2009, Petr Pajas.

perl v5.16.3							    2013-05-13						    XML::LibXML::RegExp(3)