libxml2 security update

2013-02-28T00:00:00
ID ELSA-2013-0581
Type oraclelinux
Reporter Oracle
Modified 2013-02-28T00:00:00

Description

[2.7.6-12.0.1.el6_4.1] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.7.6-12.el6_4.1] -detect and stop excessive entities expansion upon replacement (rhbz#912574) [2.7.6-12.el6] - fix out of range heap access (CVE-2012-5134) [2.7.6-11.el6] - Change the XPath code to percolate allocation error (CVE-2011-1944) [2.7.6-10.el6] - Fix an off by one pointer access (CVE-2011-3102) [2.7.6-9.el6] - Fix a failure to report xmlreader parsing failures - Fix parser local buffers size problems (rhbz#843742) - Fix entities local buffers size problems (rhbz#843742) - Fix an error in previous commit (rhbz#843742) - Do not fetch external parsed entities - Impose a reasonable limit on attribute size (rhbz#843742) - Impose a reasonable limit on comment size (rhbz#843742) - Impose a reasonable limit on PI size (rhbz#843742) - Cleanups and new limit APIs for dictionaries (rhbz#843742) - Introduce some default parser limits (rhbz#843742) - Implement some default limits in the XPath module - Fixup limits parser (rhbz#843742) - Enforce XML_PARSER_EOF state handling through the parser - Avoid quadratic behaviour in some push parsing cases (rhbz#843742) - More avoid quadratic behaviour (rhbz#843742) - Strengthen behaviour of the push parser in problematic situations (rhbz#843742) - More fixups on the push parser behaviour (rhbz#843742) - Fix a segfault on XSD validation on pattern error - Fix an unimplemented part in RNG value validation