Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in libxml2
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in libxml2
ID: SUSE-SU-2013:1627-1
Distribution: SUSE
Plattformen: SUSE Linux Enterprise Server 10 SP4 LTSS
Datum: Di, 5. November 2013, 08:08
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0338
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877
Applikationen: libxml2

Originalnachricht

 
   SUSE Security Update: Security update for libxml2
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:1627-1
Rating:             important
References:         #829077 
Cross-References:   CVE-2011-3102 CVE-2011-3919 CVE-2012-0841
                    CVE-2012-2807 CVE-2012-5134 CVE-2013-0338
                    CVE-2013-0339 CVE-2013-2877
Affected Products:
                    SUSE Linux Enterprise Server 10 SP4 LTSS
______________________________________________________________________________

   An update that fixes 8 vulnerabilities is now available.

Description:


   libxml2 has been updated to fix the following security
   issue:

   * CVE-2013-0338: libxml2 allowed context-dependent
   attackers to cause a denial of service (CPU and memory
   consumption) via an XML file containing an entity
   declaration with long replacement text and many references
   to this entity, aka "internal entity expansion" with linear
   complexity.

   Security Issue references:

   * CVE-2013-0338
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0338
   >
   * CVE-2013-0339
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0339
   >
   * CVE-2012-5134
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134
   >
   * CVE-2012-2807
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2807
   >
   * CVE-2011-3102
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102
   >
   * CVE-2012-0841
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841
   >
   * CVE-2011-3919
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919
   >
   * CVE-2013-2877
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877
   >



Package List:

   - SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64):

      libxml2-2.6.23-15.39.1
      libxml2-devel-2.6.23-15.39.1
      libxml2-python-2.6.23-15.39.1

   - SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64):

      libxml2-32bit-2.6.23-15.39.1
      libxml2-devel-32bit-2.6.23-15.39.1


References:

   http://support.novell.com/security/cve/CVE-2011-3102.html
   http://support.novell.com/security/cve/CVE-2011-3919.html
   http://support.novell.com/security/cve/CVE-2012-0841.html
   http://support.novell.com/security/cve/CVE-2012-2807.html
   http://support.novell.com/security/cve/CVE-2012-5134.html
   http://support.novell.com/security/cve/CVE-2013-0338.html
   http://support.novell.com/security/cve/CVE-2013-0339.html
   http://support.novell.com/security/cve/CVE-2013-2877.html
   https://bugzilla.novell.com/829077
   ?keywords=aeb05c467f847178dc94b70e3bc77cc8

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung