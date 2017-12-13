

Ubuntu Security Notice USN-3513-2

December 13, 2017



libxml2 vulnerability

A security issue affects these releases of Ubuntu and its derivatives:



- Ubuntu 12.04 ESM



Summary:



libxml2 could be made to crash or run arbitrary code if it

opened a specially crafted file.



Software Description:

- libxml2: GNOME XML library



Details:



USN-3513-1 fixed a vulnerability in libxml2. This update provides

the corresponding update for Ubuntu 12.04 ESM.



Original advisory details:



It was discovered that libxml2 incorrecty handled certain files. An

attacker could use this issue with specially constructed XML data to

cause libxml2 to consume resources, leading to a denial of service.



Update instructions:



The problem can be corrected by updating your system to the following

package versions:



Ubuntu 12.04 ESM:

libxml2 2.7.8.dfsg-5.1ubuntu4.20

libxml2-utils 2.7.8.dfsg-5.1ubuntu4.20

python-libxml2 2.7.8.dfsg-5.1ubuntu4.20



In general, a standard system update will make all the necessary

changes.



References:

https://www.ubuntu.com/usn/usn-3513-2

https://www.ubuntu.com/usn/usn-3513-1

CVE-2017-15412



