[ MDVSA-2008:180 ] libxml2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2008:180
http://www.mandriva.com/security/
_______________________________________________________________________
Package : libxml2
Date : August 21, 2008
Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0
_______________________________________________________________________
Problem Description:
Andreas Solberg found a denial of service flaw in how libxml2 processed
certain content. If an application linked against libxml2 processed
such malformed XML content, it could cause the application to stop
responding (CVE-2008-3281).
The updated packages have been patched to prevent this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.1:
8716508e8ef37fea80042eb5e86b61fc
2007.1/i586/libxml2-2.6.27-3.2mdv2007.1.i586.rpm
76f19e531e231ce049a3f160cab32cbf
2007.1/i586/libxml2-devel-2.6.27-3.2mdv2007.1.i586.rpm
367a17a645a963b4f19cc2ead2457cbe
2007.1/i586/libxml2-python-2.6.27-3.2mdv2007.1.i586.rpm
7508eca77470798d116c0b528d576966
2007.1/i586/libxml2-utils-2.6.27-3.2mdv2007.1.i586.rpm
b666ca363e60ad00397e230e0ae1e424
2007.1/SRPMS/libxml2-2.6.27-3.2mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
b6727ddd4bd1560da41acf271f2096e8
2007.1/x86_64/lib64xml2-2.6.27-3.2mdv2007.1.x86_64.rpm
dd5e07c4f75a7e08e264d55aa0c3f9ed
2007.1/x86_64/lib64xml2-devel-2.6.27-3.2mdv2007.1.x86_64.rpm
26900e7b15c0f04b25ea15e2979471c1
2007.1/x86_64/lib64xml2-python-2.6.27-3.2mdv2007.1.x86_64.rpm
c5e0caac1d8d30b64ec7eba3b5a66415
2007.1/x86_64/libxml2-utils-2.6.27-3.2mdv2007.1.x86_64.rpm
b666ca363e60ad00397e230e0ae1e424
2007.1/SRPMS/libxml2-2.6.27-3.2mdv2007.1.src.rpm
Mandriva Linux 2008.0:
1932d023f3b5b7a3f5ba526dd9c95080
2008.0/i586/libxml2_2-2.6.30-1.2mdv2008.0.i586.rpm
7eb2d7415bcd978d69a00dfd18c019a2
2008.0/i586/libxml2-devel-2.6.30-1.2mdv2008.0.i586.rpm
46feaddd608ea1d2fb9c6580063b810d
2008.0/i586/libxml2-python-2.6.30-1.2mdv2008.0.i586.rpm
05395c1fa6023258795c5ecd6f4b7b66
2008.0/i586/libxml2-utils-2.6.30-1.2mdv2008.0.i586.rpm
894fcb3409c735a1e7d98ecdaa2e37ad
2008.0/SRPMS/libxml2-2.6.30-1.2mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
66ce82db8d282f735b0012003fa35bdd
2008.0/x86_64/lib64xml2_2-2.6.30-1.2mdv2008.0.x86_64.rpm
fd63bc951517ea18dc418bf98999eb55
2008.0/x86_64/lib64xml2-devel-2.6.30-1.2mdv2008.0.x86_64.rpm
f9386f8b33177f2497712834ac06986d
2008.0/x86_64/libxml2-python-2.6.30-1.2mdv2008.0.x86_64.rpm
d01f6d8e1efb2457158de599319ba2af
2008.0/x86_64/libxml2-utils-2.6.30-1.2mdv2008.0.x86_64.rpm
894fcb3409c735a1e7d98ecdaa2e37ad
2008.0/SRPMS/libxml2-2.6.30-1.2mdv2008.0.src.rpm
Mandriva Linux 2008.1:
3dad11935bcd4f83bc041459b7ac692f
2008.1/i586/libxml2_2-2.6.31-1.1mdv2008.1.i586.rpm
23018714913a017fb6730b1d779cf3ce
2008.1/i586/libxml2-devel-2.6.31-1.1mdv2008.1.i586.rpm
e5b02a6ca9e75d7281cb206b022aa3d3
2008.1/i586/libxml2-python-2.6.31-1.1mdv2008.1.i586.rpm
f2323a249c53c7f29125aee420526b58
2008.1/i586/libxml2-utils-2.6.31-1.1mdv2008.1.i586.rpm
23839fdb6c362403140e4901972418ca
2008.1/SRPMS/libxml2-2.6.31-1.1mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64:
72d3593941c2d5b662e675469416ffff
2008.1/x86_64/lib64xml2_2-2.6.31-1.1mdv2008.1.x86_64.rpm
2fd64ff529048478422d6205b081f9c8
2008.1/x86_64/lib64xml2-devel-2.6.31-1.1mdv2008.1.x86_64.rpm
32fba3b00faac7e5aef4fd10c887ab01
2008.1/x86_64/libxml2-python-2.6.31-1.1mdv2008.1.x86_64.rpm
5054e995d3ed7528f46803eea5d164a5
2008.1/x86_64/libxml2-utils-2.6.31-1.1mdv2008.1.x86_64.rpm
23839fdb6c362403140e4901972418ca
2008.1/SRPMS/libxml2-2.6.31-1.1mdv2008.1.src.rpm
Corporate 3.0:
d623b85f855087f6b108370f3f99b540
corporate/3.0/i586/libxml2-2.6.6-1.3.C30mdk.i586.rpm
76dfbf7e2ff9fca8b5c8f0e34586ed24
corporate/3.0/i586/libxml2-devel-2.6.6-1.3.C30mdk.i586.rpm
81842147b8613b8d50ccf2ba705a5f80
corporate/3.0/i586/libxml2-python-2.6.6-1.3.C30mdk.i586.rpm
aad19cbb6d924c9e17c5e2c7a2759a00
corporate/3.0/i586/libxml2-utils-2.6.6-1.3.C30mdk.i586.rpm
c452ee0be2fd9035ad1b7d1571d8abf5
corporate/3.0/SRPMS/libxml2-2.6.6-1.3.C30mdk.src.rpm
Corporate 3.0/X86_64:
3722b9972ae6e89bfa9dd0ddec837fc1
corporate/3.0/x86_64/lib64xml2-2.6.6-1.3.C30mdk.x86_64.rpm
fee78f06503143e8590aa2cfd90ce543
corporate/3.0/x86_64/lib64xml2-devel-2.6.6-1.3.C30mdk.x86_64.rpm
ea153d8ac723de782d9da2c8ac11e9c4
corporate/3.0/x86_64/lib64xml2-python-2.6.6-1.3.C30mdk.x86_64.rpm
10bb7d70f0a774cd26a8a1e6d09570da
corporate/3.0/x86_64/libxml2-utils-2.6.6-1.3.C30mdk.x86_64.rpm
c452ee0be2fd9035ad1b7d1571d8abf5
corporate/3.0/SRPMS/libxml2-2.6.6-1.3.C30mdk.src.rpm
Corporate 4.0:
87a2011447e7b1d6fd95764c5deb3a40
corporate/4.0/i586/libxml2-2.6.21-3.2.20060mlcs4.i586.rpm
ddde1748667044d1f345be2b6cf49af4
corporate/4.0/i586/libxml2-devel-2.6.21-3.2.20060mlcs4.i586.rpm
68fc71e4875e285c3e8daa3c8129209b
corporate/4.0/i586/libxml2-python-2.6.21-3.2.20060mlcs4.i586.rpm
76c878624f4af4ff3b33cceb3783d3b0
corporate/4.0/i586/libxml2-utils-2.6.21-3.2.20060mlcs4.i586.rpm
60399751c7df9a22a8aef3d7d818d11f
corporate/4.0/SRPMS/libxml2-2.6.21-3.2.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
478fbdc448c5b7fa4c39844d47e52c3d
corporate/4.0/x86_64/lib64xml2-2.6.21-3.2.20060mlcs4.x86_64.rpm
fb9525eac308da1cd765c47fa710378b
corporate/4.0/x86_64/lib64xml2-devel-2.6.21-3.2.20060mlcs4.x86_64.rpm
a37566330d49e506586a059f4ccf31b5
corporate/4.0/x86_64/lib64xml2-python-2.6.21-3.2.20060mlcs4.x86_64.rpm
e4f5bd6911c49371fad6a854e4dca8c4
corporate/4.0/x86_64/libxml2-utils-2.6.21-3.2.20060mlcs4.x86_64.rpm
60399751c7df9a22a8aef3d7d818d11f
corporate/4.0/SRPMS/libxml2-2.6.21-3.2.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFIrdIlmqjQ0CJFipgRAtQkAKDC8BJ/+NN623Z0N4mxEWP91QP0nACdHwWP
b3VCpIqKdjdhOZOXLDMucK8=
=gQwh
-----END PGP SIGNATURE-----