Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2008:0988
HistoryNov 17, 2008 - 11:54 p.m.

libxml2 security update

2008-11-1723:54:51
CentOS Project
lists.centos.org
54

0.019 Low

EPSS

Percentile

88.3%

JSON

CentOS Errata and Security Advisory CESA-2008:0988

libxml2 is a library for parsing and manipulating XML files. It includes
support for reading, modifying, and writing XML and HTML files.

An integer overflow flaw causing a heap-based buffer overflow was found in
the libxml2 XML parser. If an application linked against libxml2 processed
untrusted, malformed XML content, it could cause the application to crash
or, possibly, execute arbitrary code. (CVE-2008-4226)

A denial of service flaw was discovered in the libxml2 XML parser. If an
application linked against libxml2 processed untrusted, malformed XML
content, it could cause the application to enter an infinite loop.
(CVE-2008-4225)

Red Hat would like to thank Drew Yao of the Apple Product Security team for
reporting these issues.

Users of libxml2 are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-November/077574.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077575.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077576.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077577.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077578.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077579.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077581.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077583.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077592.html
https://lists.centos.org/pipermail/centos-announce/2008-November/077593.html
https://lists.centos.org/pipermail/centos-announce/2008-November/090341.html
https://lists.centos.org/pipermail/centos-announce/2008-November/090342.html

Affected packages:
libxml2
libxml2-devel
libxml2-python

Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0988

OSVersionArchitecturePackageVersionFilename
CentOS5i386libxml2<Β 2.6.26-2.1.2.7libxml2-2.6.26-2.1.2.7.i386.rpm
CentOS5i386libxml2-devel<Β 2.6.26-2.1.2.7libxml2-devel-2.6.26-2.1.2.7.i386.rpm
CentOS5i386libxml2-python<Β 2.6.26-2.1.2.7libxml2-python-2.6.26-2.1.2.7.i386.rpm
CentOS5i386libxml2<Β 2.6.26-2.1.2.7libxml2-2.6.26-2.1.2.7.i386.rpm
CentOS5x86_64libxml2<Β 2.6.26-2.1.2.7libxml2-2.6.26-2.1.2.7.x86_64.rpm
CentOS5i386libxml2-devel<Β 2.6.26-2.1.2.7libxml2-devel-2.6.26-2.1.2.7.i386.rpm
CentOS5x86_64libxml2-devel<Β 2.6.26-2.1.2.7libxml2-devel-2.6.26-2.1.2.7.x86_64.rpm
CentOS5x86_64libxml2-python<Β 2.6.26-2.1.2.7libxml2-python-2.6.26-2.1.2.7.x86_64.rpm
CentOS3i386libxml2<Β 2.5.10-14libxml2-2.5.10-14.i386.rpm
CentOS3i386libxml2-devel<Β 2.5.10-14libxml2-devel-2.5.10-14.i386.rpm
Rows per page:
1-10 of 481

Related

nessus 56
openvas 64
fedora 4
altlinux 2
osv 1
ubuntu 1
freebsd 1
oraclelinux 1
redhat 1
debian 1
centos 1
slackware 1
vmware 2
gentoo 1
prion 2
debiancve 2
cve 2
ubuntucve 2
seebug 1
securityvulns 3
nessus
nessus
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / current : libxml2 (SSA:2008-324-01)
2008-11-21 00:00:00
Oracle Linux 3 / 4 / 5 : libxml2 (ELSA-2008-0988)
2013-07-12 00:00:00
FreeBSD : libxml2 -- multiple vulnerabilities (f1e0164e-b67b-11dd-a55e-00163e000016)
2008-11-21 00:00:00
openvas
openvas
Fedora Update for libxml2 FEDORA-2008-9773
2009-02-17 00:00:00
Mandriva Update for libxml2 MDVSA-2008:231 (libxml2)
2009-04-09 00:00:00
CentOS Update for libxml2 CESA-2008:0988 centos3 x86_64
2009-02-27 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: libxml2-2.7.2-2.fc10
2008-11-22 16:50:52
[SECURITY] Fedora 9 Update: libxml2-2.7.2-2.fc9
2008-11-19 14:55:44
[SECURITY] Fedora 8 Update: libxml2-2.7.2-2.fc8
2008-11-19 14:51:06
altlinux
altlinux
Security fix for the ALT Linux 5 package libxml2 version 1:2.7.2-alt2
2008-11-25 00:00:00
Security fix for the ALT Linux 9 package libxml2 version 1:2.7.2-alt2
2008-11-25 00:00:00
osv
osv
libxml2 - several vulnerabilities
2008-11-17 00:00:00
ubuntu
ubuntu
libxml2 vulnerabilities
2008-11-19 00:00:00
freebsd
freebsd
libxml2 -- multiple vulnerabilities
2008-11-18 00:00:00
oraclelinux
oraclelinux
libxml2 security update
2008-11-17 00:00:00
redhat
redhat
(RHSA-2008:0988) Important: libxml2 security update
2008-11-17 00:00:00
debian
debian
[SECURITY] [DSA 1666-1] New libxml2 packages fix several vulnerabilities
2008-11-17 23:34:24
centos
centos
libxml2 security update
2008-11-24 00:43:15
slackware
slackware
[slackware-security] libxml2
2008-11-20 03:51:12
vmware
vmware
ESX patches address an issue loading corrupt virtual disks and update Service Console packages
2009-01-30 00:00:00
ESX patches address an issue loading corrupt virtual disks and update Service Console packages
2009-01-30 00:00:00
gentoo
gentoo
libxml2: Multiple vulnerabilities
2008-12-02 00:00:00
prion
prion
Integer overflow
2008-11-25 23:30:00
Integer overflow
2008-11-25 23:30:00
debiancve
debiancve
CVE-2008-4226
2008-11-25 23:30:00
CVE-2008-4225
2008-11-25 23:30:00
cve
cve
CVE-2008-4225
2008-11-25 23:30:00
CVE-2008-4226
2008-11-25 23:30:00
ubuntucve
ubuntucve
CVE-2008-4225
2008-11-25 00:00:00
CVE-2008-4226
2008-11-25 00:00:00
seebug
seebug
libxml2 xmlSAX2Characters()ε‡½ζ•°ζ•΄ζ•°ζΊ’ε‡ΊζΌζ΄ž
2008-11-20 00:00:00
securityvulns
securityvulns
libxml library DoS
2008-08-25 00:00:00
[security bulletin] HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage &#40;SMH&#41; for Linux and Windows, Remote Cross Site Scripting &#40;XSS&#41;, Denial of Service &#40;DoS&#41;, Execution of Arbitrary Code, Unauthorized Access
2010-04-26 00:00:00
HP System Management Homepage multiple security vulnerabilities
2010-05-20 00:00:00

0.019 Low

EPSS

Percentile

88.3%

JSON
Related for CESA-2008:0988
nessus56openvas64fedora4altlinux2osv1ubuntu1freebsd1oraclelinux1redhat1debian1centos1slackware1vmware2gentoo1prion2debiancve2cve2ubuntucve2seebug1securityvulns3