Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-640-1: libxml2 vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-640-1: libxml2 vulnerability
# 1  
Old 09-03-2008
USN-640-1: libxml2 vulnerability
Referenced CVEs:
CVE-2008-3281


Description:
=========================================================== Ubuntu Security Notice USN-640-1 September 03, 2008 libxml2 vulnerability CVE-2008-3281 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libxml2 2.6.24.dfsg-1ubuntu1.2 Ubuntu 7.04: libxml2 2.6.27.dfsg-1ubuntu3.2 Ubuntu 7.10: libxml2 2.6.30.dfsg-2ubuntu1.2 Ubuntu 8.04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Andreas Solberg discovered that libxml2 did not handle recursive entities safely. If an application linked against libxml2 were made to process a specially crafted XML document, a remote attacker could exhaust the system's CPU resources, leading to a denial of service.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

mtext_deserialize

mtext_deserialize(3m17n)					 The m17n Library					  mtext_deserialize(3m17n)

NAME

       mtext_deserialize - Deserialize text properties in an M-text.

SYNOPSIS

       MText* mtext_deserialize (MText * mt)

DESCRIPTION

       Deserialize text properties in an M-text. The mtext_deserialize() function deserializes M-text mt.  mt must be an XML having the following
       DTD.

       <!DOCTYPE mtext [
	 <!ELEMENT mtext (property*,body+)>
	 <!ELEMENT property EMPTY>
	 <!ELEMENT body (#PCDATA)>
	 <!ATTLIST property key CDATA #REQUIRED>
	 <!ATTLIST property value CDATA #REQUIRED>
	 <!ATTLIST property from CDATA #REQUIRED>
	 <!ATTLIST property to CDATA #REQUIRED>
	 <!ATTLIST property control CDATA #REQUIRED>
	]>

       This function depends on the libxml2 library. If the m17n library is configured without libxml2, this function always fail.

RETURN VALUE

	   If the operation was successful, mtext_deserialize() returns the resulting M-text. Otherwise it returns NULL and assigns an error code
	   to the external variable merror_code.

SEE ALSO

	   mtext_serialize(), Mtext_prop_deserializer

COPYRIGHT

       Copyright (C) 2001 Information-technology Promotion Agency (IPA)
       Copyright (C) 2001-2011 National Institute of Advanced Industrial Science and Technology (AIST)
       Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License
       <http://www.gnu.org/licenses/fdl.html>.

Version 1.6.2							    12 Jan 2011 					  mtext_deserialize(3m17n)