You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa libxml2

Sigurnosni nedostatak programskog paketa libxml2

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-2389-1
October 27, 2014

libxml2 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS
– Ubuntu 10.04 LTS

Summary:

libxml2 could be made to consume resources if it processed a specially
crafted file.

Software Description:
– libxml2: GNOME XML library

Details:

It was discovered that libxml2 would incorrectly perform entity
substitution even when requested not to. If a user or automated system were
tricked into opening a specially crafted document, an attacker could
possibly cause resource consumption, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
libxml2 2.9.1+dfsg1-3ubuntu4.4

Ubuntu 12.04 LTS:
libxml2 2.7.8.dfsg-5.1ubuntu4.11

Ubuntu 10.04 LTS:
libxml2 2.7.6.dfsg-1ubuntu1.15

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2389-1
CVE-2014-3660

Package Information:
https://launchpad.net/ubuntu/+source/libxml2/2.9.1+dfsg1-3ubuntu4.4
https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-5.1ubuntu4.11
https://launchpad.net/ubuntu/+source/libxml2/2.7.6.dfsg-1ubuntu1.15

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJUTknlAAoJEGVp2FWnRL6Tj6gP/0LYI4dbBiaPSkvwTPwS5Z/E
E2ufLx0UcfCQjZamNYUvEkJqXfrxMnBe7huIP0F4nmFl9yEltdl4Z+tqVEcXW3iM
+cflw47mC1XnEGi98EYzrz4XZ6ycOrBtiZbB3HL2Rqq1NFjOTfGhh973FGRXxT92
ZNZJ13F2d7EiIxcnzpX3HALAeNt5AlA1G7j72zsq0jhwc23Gv/CUXu9ZcNdC4faZ
W7LWo5MVVewqZEbsU6MIBn+SNT9I+hogSLp5qZXXbkupNS65J2DB1URqF48nrE6R
cjrBqNYY3aYd7feYvB+9jCawYVXmtnY8gCPjxTu/MpE4HeWqek++jZGhoEJPu5IV
PflgvfAzzp4c29HMVlLH5hu1rCoRZHc946ji8zvnZVFjNW8L0Fi/VU9VXlRUmH4u
lkguIFcjmoJuv6Mwy/OgP1WHw0gd+G47G50MZaJV/mz4k4FFINU0oVazP0986nhf
D+gP2ARPfBxUqb7og2NN18LZ6voUWKJAuR7CjAksgIf3BcPpSLDeOKBMEUVDyTl4
fVfIfJIelfdM2KrVptgnKapngvJWU3WhYil8aYY2HdYV2gCAVRhmBxwZq8GT96tT
1eTNBTa1TScWlGZVIbexAX3irExayrcHUdGnG3mOufwAbQCjrVbOhd+GYcYuDSY5
5Up6EN0U6I/aboSapK6V
=JBpM
—–END PGP SIGNATURE—–

AutorMarijo Plepelic
Cert idNCERT-REF-2014-10-0010-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Ranjivosti jezgre operacijskog sustava

Otkrivene su ranjivosti u jezgri operacijskog sustava Fedora 19 i 20. Ovisno o inačici sustava, ranjivosti zahvaćaju kvm, ext4 i...

Close