RHEL 2.1 : libxml2 (RHSA-2008:0886)

Updated libxml2 packages that fix various security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. The libxml2 packages provide a library that allows you to manipulate XML files. It...

USN-644-1: libxml2 vulnerabilities

It was discovered that libxml2 did not correctly handle long entity names. If a user were tricked into processing a specially crafted XML document, a remote attacker could execute arbitrary code with user privileges or cause the application linked against libxml2 to crash, leading to a denial of...

libxml2 security update

CentOS Errata and Security Advisory CESA-2008:0884 Updated libxml2 packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The libxml2 packages provide a...

libxml2: long entity name heap buffer overflow

Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via a long XML entity name...

Important: Red Hat Security Advisory: libxml2 security update

Updated libxml2 packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The libxml2 packages provide a library that allows you to manipulate XML files. It...

libxml2: billion laughs DoS attack

libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity references, aka the "billion laughs...

Important: Red Hat Security Advisory: libxml2 security update

Updated libxml2 packages that fix various security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. The libxml2 packages provide a library that allows you to manipulate XML files. It...

PT-2008-1063 · Xmlsoft +1 · Libxml2 +1

Name of the Vulnerable Software and Affected Versions: libxml2 versions prior to 2.7.0 libxml2 versions prior to 2.7.2 Description: The issue is related to a heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2, which allows context-dependent attackers to caus...

libxml2 security update

2.6.26-2.1.2.6.0.1 - Add libxml2-enterprise.patch and update logos in tarball 2.6.26-2.1.2.6 - Patch to fix an entity name copy buffer overflow CVE-2008-3529 - Resolves: rhbz461023...

[SECURITY] Fedora 9 Update: libxml2-2.6.32-3.fc9

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

[SECURITY] Fedora 8 Update: libxml2-2.6.32-2.fc8

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

Fedora 8 : libxml2-2.6.32-2.fc8 (2008-7724)

Mon Aug 25 2008 Daniel Veillard 2.6.31-2.fc8 - fix for entities recursion problem - Resolve: rhbz459712 - Fri Apr 11 2008 Daniel Veillard 2.6.32-1.fc8 - upstream release 2.6.32 see http://xmlsoft.org/news.html - many bugs fixed upstrea - Fri Jan 11 2008 Daniel Veillard 2.6.31-1.fc8 - upstream...

Fedora 9 : libxml2-2.6.32-3.fc9 (2008-7395)

Mon Aug 25 2008 Daniel Veillard 2.6.31-3.fc9 - fix for entities recursion problem - Resolve: rhbz459713 - Thu May 15 2008 Daniel Veillard 2.6.31-2.fc9 - try to fix multiarch problems like 440206 Note that Tenable Network Security has extracted the preceding description block directly from the...

Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : libxml2 vulnerability (USN-640-1)

Andreas Solberg discovered that libxml2 did not handle recursive entities safely. If an application linked against libxml2 were made to process a specially crafted XML document, a remote attacker could exhaust the system's CPU resources, leading to a denial of service. Note that Tenable Network...

Debian: Security Advisory (DSA-1631-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD Ports: libxml

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: libxml2

The remote host is missing an update to the system as announced in the referenced advisory. VID 847ade05-6717-11d8-b321-000a95bc6fae OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: libxml

The remote host is missing an update to the system as announced in the referenced advisory. VID 9ff4c91e-328c-11d9-a9e7-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian Security Advisory DSA 1631-1 (libxml2)

The remote host is missing an update to libxml2 announced via advisory DSA 1631-1. OpenVAS Vulnerability Test $Id: deb16311.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1631-1 libxml2 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: libxml2

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...