| |||||||||||||||||||
Mageia alert MGASA-2013-0085 (libxml2)
MGASA-2013-0085 Date: March 3rd, 2013 Affected releases: 2 Media: Core Description: Updated libxml2 packages fix security vulnerability: A denial of service flaw was found in the way libxml2 performed string substitutions when entity values for entity references replacement was enabled. A remote attacker could provide a specially-crafted XML file that, when processed by an application linked against libxml2, would lead to excessive CPU consumption (CVE-2013-0338). Updated Packages: i586: libxml2_2-2.7.8-14.20120229.5.mga2.i586.rpm libxml2-devel-2.7.8-14.20120229.5.mga2.i586.rpm libxml2-python-2.7.8-14.20120229.5.mga2.i586.rpm libxml2-utils-2.7.8-14.20120229.5.mga2.i586.rpm libxml2-debug-2.7.8-14.20120229.5.mga2.i586.rpm x86_64: lib64xml2_2-2.7.8-14.20120229.5.mga2.x86_64.rpm lib64xml2-devel-2.7.8-14.20120229.5.mga2.x86_64.rpm libxml2-python-2.7.8-14.20120229.5.mga2.x86_64.rpm libxml2-utils-2.7.8-14.20120229.5.mga2.x86_64.rpm libxml2-debug-2.7.8-14.20120229.5.mga2.x86_64.rpm SRPMS: libxml2-2.7.8-14.20120229.5.mga2.src.rpm References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0338 https://rhn.redhat.com/errata/RHSA-2013-0581.html https://bugs.mageia.org/show_bug.cgi?id=9228 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-... (Log in to post comments)
|
|||||||||||||||||||