Login
Newsletter
Werbung

Sicherheit: Zwei Probleme in libxml2
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in libxml2
ID: USN-2875-1
Distribution: Ubuntu
Plattformen: Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, Ubuntu 15.04, Ubuntu 15.10
Datum: Mi, 20. Januar 2016, 07:09
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
Applikationen: libxml2

Originalnachricht

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============7162125817340567112==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="pHmCi3WMaSU7P3WI7m7vWpgh1M71ocaVO"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--pHmCi3WMaSU7P3WI7m7vWpgh1M71ocaVO
Content-Type: text/plain; charset=utf-
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-2875-1
January 19, 2016

libxml2 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.10
- Ubuntu 15.04
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

libxml2 could be made to crash if it opened a specially crafted file.

Software Description:
- libxml2: GNOME XML library

Details:

It was discovered that libxml2 incorrectly handled certain malformed
documents. If a user or automated system were tricked into opening a
specially crafted document, an attacker could possibly cause libxml2 to
crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
libxml2 2.9.2+zdfsg1-4ubuntu0.3

Ubuntu 15.04:
libxml2 2.9.2+dfsg1-3ubuntu0.3

Ubuntu 14.04 LTS:
libxml2 2.9.1+dfsg1-3ubuntu4.7

Ubuntu 12.04 LTS:
libxml2 2.7.8.dfsg-5.1ubuntu4.14

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2875-1
CVE-2015-7499, CVE-2015-8710

Package Information:
https://launchpad.net/ubuntu/+source/libxml2/2.9.2+zdfsg1-4ubuntu0.3
https://launchpad.net/ubuntu/+source/libxml2/2.9.2+dfsg1-3ubuntu0.3
https://launchpad.net/ubuntu/+source/libxml2/2.9.1+dfsg1-3ubuntu4.7
https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-5.1ubuntu4.14



--pHmCi3WMaSU7P3WI7m7vWpgh1M71ocaVO
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJWnqo3AAoJEGVp2FWnRL6TlFgQAJfNVYE4mncbkUCiWefuPleb
gvHNIZoBKKuWoviCtk/oI0odeH+vseE1iSSQwnhZblfVDXSPt2zvHkWPlncM5hwy
ZjYCL6tO0G7Sl/vBRdqtELiYlwP4lnwyTmGUptLE883Empe236LFDP+Z0msLmYhE
ySwpbZIANeDUbXVhEgi412Eu+W9cO4WmgUyjSuwLAqS1ZEE9Ke/1OTnSFXZVqtH/
4O5vcof76Csn5Hs//nUNdQUDSJm8GCYuV3RU2He0bJUkjDC1hWmBvaCOi22Z2FBf
d7rp1eQ3oUzJzVRs7NCU3kN3uV3H9IvE8t94Y0ePe8J7TEchCdph5ZboZ4Mbps0U
kUSN5MjNCAcjkI1VR4JS0y3rvU0DxtBwI+G/M45FqKeaaD3piu93pbQx4jDeN+JL
xZ0u9speM5mbQS1tzaRGPSkjpDIL0wRWwyEvKNHBSmkmR7Rm1kX5vSgdXadSsuMr
oU3/0PEu9SQczQV5ayMgNt72JRErHLbKDshbfwk0zQ/mG6Kztl9+4abv+UjWEpS4
LnlYMowZMKbt4UCFZ0dmOfDgsalzGPknCDsXCOKusop78PgYCDITflmUvkKnq4cW
SLzP4HIuWyRDo8wlhuvYwZCxfJfP2B2x6LiiP7vbjrb90djmZdAxwqOUuWVNuRM+
7fB/T9nbFjFkg5EfDrC6
=eilE
-----END PGP SIGNATURE-----

--pHmCi3WMaSU7P3WI7m7vWpgh1M71ocaVO--


--===============7162125817340567112==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============7162125817340567112==--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung