drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in libxml2 (Aktualisierung)
Name: |
Denial of Service in libxml2 (Aktualisierung) |
|
ID: |
USN-3504-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.04 ESM |
|
Datum: |
Di, 5. Dezember 2017, 16:43 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16932 |
|
Applikationen: |
libxml2 |
|
Update von: |
Denial of Service in libxml2 |
|
Originalnachricht |
--===============7782651669174994212== Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="=-N5MYw01IfKuwljeed6Tr"
--=-N5MYw01IfKuwljeed6Tr Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3504-2 December 05, 2017
libxml2 vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
curl could be made to crash if it received specially crafted input.
Software Description: - libxml2: GNOME XML library
Details:
USN-3504-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM: libxml2 2.7.8.dfsg-5.1ubuntu4.19 libxml2-utils 2.7.8.dfsg-5.1ubuntu4.19 python-libxml2 2.7.8.dfsg-5.1ubuntu4.19
In general, a standard system update will make all the necessary changes.
References: https://www.ubuntu.com/usn/usn-3504-2 https://www.ubuntu.com/usn/usn-3504-1 CVE-2017-16932
--=-N5MYw01IfKuwljeed6Tr Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAABCAAGBQJaJrA9AAoJEEW851uECx9p7zoQAI6hYhOPGJufbfru7ST+JBcC 2sll7Wr/ejLmX811yFOo49X7WD+H+1vvTTTnSpkbNjqVOKA9Y1tZIP7XFkrJyOBE kzTs+sqFHO2Eiu58B0xuMFTF27EKcyAdr/fjdacJ0qDV+Zx45cIAoKCfcx7C6X8x ie1eLMDx1Mc/DRkIcLCzHjuZG/f9SxGUW5H2Y/Rb2VJUYwPfrChMjJ+EMSYX/56+ gZqodSJ/LG60fD7F2E36opGrWAa80WN6/KPdBXVZvo/GS1MbejbjeHbiRsV9SrXl iRp8lViWJ7mAy+ch9PeadDU7a1EzC6nweEnjX4m0tZjyxqtf5LqumACCBDc63o/a hc42DqhaRxaqC3KVgZOIFMJOewJewryocPMpI7uA+DkXkAAPcJPy8XpfCOgBtj/t 2sIVV6wFWO5nxSbx4esRmzrgF0bw8SmkERT41zJ8R9Q/iadv4Ke8uh01ibyiav05 ns1u+GmKa3aBUC37z+5ZQNPlq3U8aeiTgxmSGQf27xQVSUKFJUwlObjTABDlj5tl WXgi/dEZWjoFtTL14P+aTnCKBX7ytchkPK0jtgvPkeuiXwyvcSuln5peQV7ijDT+ UlVylbGTRnFALcn5TTeW3XfwQ2JkxD7DHZC4ryhZlTEU8xHjF0hr+/J346BMQ+VV /w7Rhydkzv8X72ynBNAL =Hukv -----END PGP SIGNATURE-----
--=-N5MYw01IfKuwljeed6Tr--
--===============7782651669174994212== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============7782651669174994212==--
|
|
|
|