drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in libxml2
Name: |
Denial of Service in libxml2 |
|
ID: |
USN-1376-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04, Ubuntu 11.10 |
|
Datum: |
Di, 28. Februar 2012, 06:34 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841 |
|
Applikationen: |
libxml2 |
|
Originalnachricht |
--===============6654079222780701104== Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-oavf7AxF0rqhTZdsuxtk"
--=-oavf7AxF0rqhTZdsuxtk Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1376-1 February 27, 2012
libxml2 vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS
Summary:
libxml2 could be made to cause a denial of service by consuming excessive CPU resources.
Software Description: - libxml2: GNOME XML library
Details:
Juraj Somorovsky discovered that libxml2 was vulnerable to hash table collisions. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 11.10: libxml2 2.7.8.dfsg-4ubuntu0.2
Ubuntu 11.04: libxml2 2.7.8.dfsg-2ubuntu0.3
Ubuntu 10.10: libxml2 2.7.7.dfsg-4ubuntu0.4
Ubuntu 10.04 LTS: libxml2 2.7.6.dfsg-1ubuntu1.4
Ubuntu 8.04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.8
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1376-1 CVE-2012-0841
Package Information: https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-4ubuntu0.2 https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-2ubuntu0.3 https://launchpad.net/ubuntu/+source/libxml2/2.7.7.dfsg-4ubuntu0.4 https://launchpad.net/ubuntu/+source/libxml2/2.7.6.dfsg-1ubuntu1.4 https://launchpad.net/ubuntu/+source/libxml2/2.6.31.dfsg-2ubuntu1.8
--Øavf7AxF0rqhTZdsuxtk Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAABCgAGBQJPTBawAAoJEFHb3FjMVZVzYhoP/2F0jR9WIBxAnlyvHl9e208U IwgYTalQwHGm1R6JPUFlloe+9ibAbIVYgBcEAtNzG7clHIWTNcP0bYJG2yj9iu3x 3CsDIGGDpel84f5YqGeGVC3Nh9HRd9Pm/5R3FQE1HlYGYTIav4bTope25Syz2nP1 UtAfoKrUTvlORA1jPMVjo2FI8m453ZucD12DVF0QstCiUUId9dFgTooiVuCnM4ci GiC83NhR9eRfr5OMAKWyBhEpcmbbIEs2Y5XdGK4Ai8ubnj+9qrd2qCsKAHhKQHld Vu5MPCAPk5c3Gnw/cmyj5DjdwebTq1otvkjiGvujw6pwRO5CxYj6nDuvmeoWJdpq 1gznEAJ/Uop1aPRE9gM3rZAujRTIw1pj+KFCgQ3lrFejk+u0D2ziCJYh47W2vveS fkCcCVxFQGGPeEvgGCD9FzlQ1aAONKXQvl2/rtWfITjUJjODJkdL327t2uk7raBY 466E0QXyowLclF1cBOUQFpUYLVRRRWkY7zOiLaYxLuCawOI81ExsB1iJr/HMFuXD J91DbYKcDAKemP5H1h+rU1VObMMydmZSTCKXTzno2etonrfJnf3id4nBrNdCTRUu tvyPx56VfFV6LqdI+RoYZbgUAO3HMrAEdn2ITkeNzs9I9PNvihjmeDOu6R2y6Mby 6Qae6Q7gfOiL7oSZasRx =yuAq -----END PGP SIGNATURE-----
--=-oavf7AxF0rqhTZdsuxtk--
--===============6654079222780701104== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============6654079222780701104==--
|
|
|
|