LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: December 19th, 2014
Linux Advisory Watch: December 12th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: 2011:145: libxml2 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake Double free vulnerabilities in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression and via vectors related to XPath handling (CVE-2011-2821, CVE-2011-2834). [More...]
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:145
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : libxml2
 Date    : October 9, 2011
 Affected: 2009.0, 2010.1, 2011., Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Double free vulnerabilities in libxml2 allows remote attackers to cause
 a denial of service or possibly have unspecified other impact via a
 crafted XPath expression and via vectors related to XPath handling
 (CVE-2011-2821, CVE-2011-2834).
 
 Packages for 2009.0 are provided as of the Extended Maintenance
 Program. Please visit this link to learn more:
 http://store.mandriva.com/product_info.php?cPath=149&products_id=490
 
 The updated packages have been patched to correct these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 209b07b6de051ff5aec516f90d0422f4  2009.0/i586/libxml2_2-2.7.1-1.8mdv2009.0.i586.rpm
 79a2f6e4f012fdd417f379e0b0036d54  2009.0/i586/libxml2-devel-2.7.1-1.8mdv2009.0.i586.rpm
 cb0134183154b0014b08aad4b37ea73a  2009.0/i586/libxml2-python-2.7.1-1.8mdv2009.0.i586.rpm
 118448ed71392dd8c2684277b49e4b74  2009.0/i586/libxml2-utils-2.7.1-1.8mdv2009.0.i586.rpm 
 b684a79602cb5e1bbf368642d85f68fa  2009.0/SRPMS/libxml2-2.7.1-1.8mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 998b5bb8b7d018f03136b646e1b06fdb  2009.0/x86_64/lib64xml2_2-2.7.1-1.8mdv2009.0.x86_64.rpm
 b1df1cc7c73c6e8d5b3bc0d39f43fa8d  2009.0/x86_64/lib64xml2-devel-2.7.1-1.8mdv2009.0.x86_64.rpm
 b2e99d7897c1bd6263017f02e98623ae  2009.0/x86_64/libxml2-python-2.7.1-1.8mdv2009.0.x86_64.rpm
 b7dcd0efbe0280e34fe007e278932a77  2009.0/x86_64/libxml2-utils-2.7.1-1.8mdv2009.0.x86_64.rpm 
 b684a79602cb5e1bbf368642d85f68fa  2009.0/SRPMS/libxml2-2.7.1-1.8mdv2009.0.src.rpm

 Mandriva Linux 2010.1:
 b390da9668b76bcf7ffcc8a7bbb53cb5  2010.1/i586/libxml2_2-2.7.7-1.4mdv2010.2.i586.rpm
 be6fd2244124176aabf9f89b051f7542  2010.1/i586/libxml2-devel-2.7.7-1.4mdv2010.2.i586.rpm
 dceee4844d365d68c4fe84c69bdd45cc  2010.1/i586/libxml2-python-2.7.7-1.4mdv2010.2.i586.rpm
 0e45e718e4ef244cb3da314d7d5fe170  2010.1/i586/libxml2-utils-2.7.7-1.4mdv2010.2.i586.rpm 
 a1f749d4ef5dc23d760d2d8dc79b7e80  2010.1/SRPMS/libxml2-2.7.7-1.4mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 8e9c6a2893459d61c8987a4791838c7f  2010.1/x86_64/lib64xml2_2-2.7.7-1.4mdv2010.2.x86_64.rpm
 5a65bad0467ce6c6bccadedbd6ba7300  2010.1/x86_64/lib64xml2-devel-2.7.7-1.4mdv2010.2.x86_64.rpm
 4b4add103bd98bfb13d92a83bd69d232  2010.1/x86_64/libxml2-python-2.7.7-1.4mdv2010.2.x86_64.rpm
 67c5b1c6e287b153c521c125d7f4c40a  2010.1/x86_64/libxml2-utils-2.7.7-1.4mdv2010.2.x86_64.rpm 
 a1f749d4ef5dc23d760d2d8dc79b7e80  2010.1/SRPMS/libxml2-2.7.7-1.4mdv2010.2.src.rpm

 Mandriva Linux 2011:
 a06dd522b3cac6eb67be595b34edab80  2011/i586/libxml2_2-2.7.8-6.2-mdv2011.0.i586.rpm
 d5356190d0ca32bb10d7df3bf4b53626  2011/i586/libxml2-devel-2.7.8-6.2-mdv2011.0.i586.rpm
 c536fdef7c40640e2c22442ca17c2685  2011/i586/libxml2-python-2.7.8-6.2-mdv2011.0.i586.rpm
 d414c5f632c4fb9ccf8452269548c5d4  2011/i586/libxml2-utils-2.7.8-6.2-mdv2011.0.i586.rpm 
 cae1d275c88bbb8f2d4ea3bc62c15066  2011/SRPMS/libxml2-2.7.8-6.2.src.rpm

 Mandriva Linux 2011/X86_64:
 2335fd4f854387849e11cbb3a373f619  2011/x86_64/lib64xml2_2-2.7.8-6.2-mdv2011.0.x86_64.rpm
 64e6582b9f726f4eaa9a5d79f3277081  2011/x86_64/lib64xml2-devel-2.7.8-6.2-mdv2011.0.x86_64.rpm
 9d35412e2549537879ea108350d7a252  2011/x86_64/libxml2-python-2.7.8-6.2-mdv2011.0.x86_64.rpm
 8adc79ebc7ce22b78677467a64fd9074  2011/x86_64/libxml2-utils-2.7.8-6.2-mdv2011.0.x86_64.rpm 
 cae1d275c88bbb8f2d4ea3bc62c15066  2011/SRPMS/libxml2-2.7.8-6.2.src.rpm

 Mandriva Enterprise Server 5:
 dd45c34e2b9c3427a3e3322122918855  mes5/i586/libxml2_2-2.7.1-1.8mdvmes5.2.i586.rpm
 e1ec6cbbf6db0ac41b80591c5697b72d  mes5/i586/libxml2-devel-2.7.1-1.8mdvmes5.2.i586.rpm
 44c69acf5ea338eeb1c2a885cd6d990b  mes5/i586/libxml2-python-2.7.1-1.8mdvmes5.2.i586.rpm
 50f4aab7fe60e69a38f5da6b3989c636  mes5/i586/libxml2-utils-2.7.1-1.8mdvmes5.2.i586.rpm 
 bbcb0ee0595285d0195be0b433b01f51  mes5/SRPMS/libxml2-2.7.1-1.8mdvmes5.2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 2f5601898b050b63c6bcc67859b371cc  mes5/x86_64/lib64xml2_2-2.7.1-1.8mdvmes5.2.x86_64.rpm
 88c3f00377c5bec85a213459cb88f0cd  mes5/x86_64/lib64xml2-devel-2.7.1-1.8mdvmes5.2.x86_64.rpm
 8ccdad600cdae46d594f5ca37b1bcd57  mes5/x86_64/libxml2-python-2.7.1-1.8mdvmes5.2.x86_64.rpm
 8ccf73d9975c8d88844af0230095e6eb  mes5/x86_64/libxml2-utils-2.7.1-1.8mdvmes5.2.x86_64.rpm 
 bbcb0ee0595285d0195be0b433b01f51  mes5/SRPMS/libxml2-2.7.1-1.8mdvmes5.2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
The Difference Between Wi-Fi Security Protocols: WPA2-AES vs WPA2-TKIP
Segmenting for security: Five steps to protect your network
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.