MGASA-2015-0199 Updated perl-XML-LibXML packages fix CVE-2015-3451

Updated perl-XML-LibXML package fixes security vulnerability: Tilmann Haak from xing.com discovered that XML::LibXML did not respect the expandentities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected...

Updated perl-XML-LibXML packages fix CVE-2015-3451

Updated perl-XML-LibXML package fixes security vulnerability: Tilmann Haak from xing.com discovered that XML::LibXML did not respect the expandentities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected...

Ubuntu 14.04 LTS : XML::LibXML vulnerability (USN-2592-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2592-1 advisory. Tilmann Haak discovered that XML::LibXML incorrectly handled the expandentities parameter in certain situations. A remote attacker could possibly use this issue t...

Ubuntu: Security Advisory (USN-2592-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2592-1: XML::LibXML vulnerability

Tilmann Haak discovered that XML::LibXML incorrectly handled the expandentities parameter in certain situations. A remote attacker could possibly use this issue to access sensitive information...

[USN-2592-1] XML::LibXML vulnerability

========================================================================== Ubuntu Security Notice USN-2592-1 May 04, 2015 libxml-libxml-perl vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...

XML::LibXML information leakage

Information disclosure on expandentities...

Debian DSA-3243-1 : libxml-libxml-perl - security update

Tilmann Haak from xing.com discovered that XML::LibXML, a Perl interface to the libxml2 library, did not respect the expandentities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected resources, depending ...

[SECURITY] [DSA 3243-1] libxml-libxml-perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3243-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 01, 2015 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 3243-1 (libxml-libxml-perl - security update)

Tilmann Haak from xing.com discovered that XML::LibXML, a Perl interface to the libxml2 library, did not respect the expandentities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected resources, depending ...

DSA-3243-1 libxml-libxml-perl - security update

Bulletin has no description...

CVE-2015-3451

The clone function in XML::LibXML before 2.0119 does not properly set the expandentities option, which allows remote attackers to conduct XML external entity XXE attacks via crafted XML data to the 1 new or 2 loadxml function...

Debian DLA-214-1 : libxml-libxml-perl security update

In some cases, XML::LibXML did not respect the request to disable entities expansion. Applications handling untrusted XML files can then be tricked into disclosing the content of local files. In Debian 6 'Squeeze', this issue has been fixed in libxml-libxml-perl version 1.70.ds-1+deb6u1. NOTE:...

[SECURITY] [DLA 214-1] libxml-libxml-perl security update

Package : libxml-libxml-perl Version : 1.70.ds-1+deb6u1 CVE ID : CVE-2015-3451 Debian Bug : 783443 In some cases, XML::LibXML did not respect the request to disable entities expansion. Applications handling untrusted XML files can then be tricked into disclosing the content of local files. In...

Debian: Security Advisory (DSA-3243-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libxml-1.8.17 package of the Red Hat Enterprise Linux operating system can be exploited, which may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the integrity of protected information

The multiple vulnerabilities in the libxml-security-c14 package of the Debian GNU/Linux operating system can be exploited, leading to a breach of the integrity of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the integrity of protected information

The multiple vulnerabilities in the libxml-security-c-dev package of the Debian GNU/Linux operating system may lead to a breach of the integrity of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libxml-devel-1.8.14 package of the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the integrity of protected information

The multiple vulnerabilities in the libxml-security-c package of the Debian GNU/Linux operating system can be exploited, leading to a breach of the integrity of protected information. These vulnerabilities can be exploited remotely...