Lucene search

K
mageiaGentoo FoundationMGASA-2018-0050
HistoryJan 03, 2018 - 6:50 p.m.

Updated libxml2 packages fix security vulnerability

2018-01-0318:50:51
Gentoo Foundation
advisories.mageia.org
33

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.3%

Integer overflow in memory debug code in libxml2 before 2.9.5 (CVE-2017-5130). It was discovered that libxml2 incorrecty handled certain files. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service (CVE-2017-15412). Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service (CVE-2017-16932). The libxml2 package has been updated to version 2.9.7 to fix these issues and several other bugs. Also, the perl-XML-LibXML package has been updated to version 2.13.200 to allow it to be rebuilt against the updated libxml2.

OSVersionArchitecturePackageVersionFilename
Mageia6noarchlibxml2<ย 2.9.7-1libxml2-2.9.7-1.mga6

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.3%