Paketname
libxml2
Datum
2004-03-03
Advisory ID
MDKSA-2004:018
Betroffene Versionen
9.2 amd64 , CS2.1 x86_64 , CS2.1 i586 , 9.2 i586 , 9.1 i586 , 9.1 i586

Problembeschreibung

A flaw in libxml2 versions prior to 2.6.6 was found by Yuuichi Teranishi. When fetching a remote source via FTP or HTTP, libxml2 uses special parsing routines that can overflow a buffer if passed a very long URL. In the event that the attacker can find a program that uses libxml2 which parses remote resources and allows them to influence the URL, this flaw could be used to execute arbitrary code. The updated packages provide a backported fix to correct the problem.

Aktualisierte Pakete

9.2 amd64

 12bfba14856691201fb44eeecd2e0760  amd64/9.2/RPMS/lib64xml2-2.5.11-1.2.92mdk.amd64.rpm
0267276afa32b153be2ab27821f2a45c  amd64/9.2/RPMS/lib64xml2-devel-2.5.11-1.2.92mdk.amd64.rpm
545cdb232a403bb77dbd7ae5881dfe01  amd64/9.2/RPMS/lib64xml2-python-2.5.11-1.2.92mdk.amd64.rpm
32012969ba7f58a67f8569d86ca90246  amd64/9.2/RPMS/libxml2-utils-2.5.11-1.2.92mdk.amd64.rpm
34048480a99f5f04d02902ab918cf5c8  amd64/9.2/SRPMS/libxml2-2.5.11-1.2.92mdk.src.rpm

CS2.1 x86_64

 2bfb3a34f15d5484119f94ea0d8c9d69  x86_64/corporate/2.1/RPMS/libxml2-2.4.23-4.2.C21mdk.x86_64.rpm
251108957d5ba90a9082d1f1976e5fb7  x86_64/corporate/2.1/RPMS/libxml2-devel-2.4.23-4.2.C21mdk.x86_64.rpm
7f4d9e5052d9ca41cd0ed8dba78d2416  x86_64/corporate/2.1/RPMS/libxml2-python-2.4.23-4.2.C21mdk.x86_64.rpm
63e3b6910f6e42b775cb936ce581b16e  x86_64/corporate/2.1/RPMS/libxml2-utils-2.4.23-4.2.C21mdk.x86_64.rpm
153ca0fed634a7485046181baf06ea94  x86_64/corporate/2.1/SRPMS/libxml2-2.4.23-4.2.C21mdk.src.rpm

CS2.1 i586

 51af35991ac6ceef5cd6ddc4330e1995  corporate/2.1/RPMS/libxml2-2.4.23-4.2.C21mdk.i586.rpm
34e6aa4c010e14199767c97d5fe0b706  corporate/2.1/RPMS/libxml2-devel-2.4.23-4.2.C21mdk.i586.rpm
9b551a5dfa4129f88fa90062ed684725  corporate/2.1/RPMS/libxml2-python-2.4.23-4.2.C21mdk.i586.rpm
7c2efde8dde2fabc15d0c59fd867d156  corporate/2.1/RPMS/libxml2-utils-2.4.23-4.2.C21mdk.i586.rpm
153ca0fed634a7485046181baf06ea94  corporate/2.1/SRPMS/libxml2-2.4.23-4.2.C21mdk.src.rpm

9.2 i586

 6566203ab3c4fb904ae0126196aaf400  9.2/RPMS/libxml2-2.5.11-1.2.92mdk.i586.rpm
5552925b636b9926059c5c27ca37a588  9.2/RPMS/libxml2-devel-2.5.11-1.2.92mdk.i586.rpm
377f7250ee689d7ee7453b852e651d02  9.2/RPMS/libxml2-python-2.5.11-1.2.92mdk.i586.rpm
7e04e506249fbb224690ce3cc6434776  9.2/RPMS/libxml2-utils-2.5.11-1.2.92mdk.i586.rpm
34048480a99f5f04d02902ab918cf5c8  9.2/SRPMS/libxml2-2.5.11-1.2.92mdk.src.rpm

9.1 i586

 9b91d9a62e88829d180335e93005d706  9.1/RPMS/libxml2-2.5.4-1.2.91mdk.i586.rpm
42ea5fe9ee7733bab3e726cb0005a9e8  9.1/RPMS/libxml2-devel-2.5.4-1.2.91mdk.i586.rpm
98642ae61a8884d25878bc91f1d06622  9.1/RPMS/libxml2-python-2.5.4-1.2.91mdk.i586.rpm
3a7b2acf410ed9d6dc7d34d7e7fc319a  9.1/RPMS/libxml2-utils-2.5.4-1.2.91mdk.i586.rpm
bbb88662f90ff49f28a2e3e6905106f3  9.1/SRPMS/libxml2-2.5.4-1.2.91mdk.src.rpm

9.1 i586

 bcf80b555579701ed2ba8925bc1a9634  ppc/9.1/RPMS/libxml2-2.5.4-1.2.91mdk.ppc.rpm
3f6a1d38b9aaefd39a2ad116ec65643d  ppc/9.1/RPMS/libxml2-devel-2.5.4-1.2.91mdk.ppc.rpm
cdb9ee131ca5bd58564259d6917a9c56  ppc/9.1/RPMS/libxml2-python-2.5.4-1.2.91mdk.ppc.rpm
3c96adac2eb332f1e535b80e626a2c80  ppc/9.1/RPMS/libxml2-utils-2.5.4-1.2.91mdk.ppc.rpm
bbb88662f90ff49f28a2e3e6905106f3  ppc/9.1/SRPMS/libxml2-2.5.4-1.2.91mdk.src.rpm

Referenzen