MDVSA-2008:212
- Package name
- libxml2
- Date
- 2008-10-15
- Advisory ID
- MDVSA-2008:212
- Affected versions
- 2009.0 x86_64 , 2009.0 i586
Problem description
libxml2 version 2.7.0 and 2.7.1 did not properly handle predefined
entities definitions in entities, which allowed context-dependent
attackers to cause a denial of service (memory consumption and
application crash) via certain XML documents (CVE-2008-4409).
The updated packages have been patched to prevent this issue.
Updated packages
2009.0 x86_64
00713f5a3b9461783a0df1b5549ead18 2009.0/x86_64/lib64xml2_2-2.7.1-1.1mdv2009.0.x86_64.rpm c621bb8dc493a626cfa7b3185ac82486 2009.0/x86_64/lib64xml2-devel-2.7.1-1.1mdv2009.0.x86_64.rpm 653b5b900e98cb37355c2f83e589828e 2009.0/x86_64/libxml2-python-2.7.1-1.1mdv2009.0.x86_64.rpm 56f95a96a57191621a381b9a7daa387d 2009.0/x86_64/libxml2-utils-2.7.1-1.1mdv2009.0.x86_64.rpm dc30b693323ce3836b08908773fa2eb2 2009.0/SRPMS/libxml2-2.7.1-1.1mdv2009.0.src.rpm
2009.0 i586
305127cca2848a8131e05f2216e62ce9 2009.0/i586/libxml2_2-2.7.1-1.1mdv2009.0.i586.rpm 69a1270052072eb02503587034591a1a 2009.0/i586/libxml2-devel-2.7.1-1.1mdv2009.0.i586.rpm 20609d45035df33888ed7b22e2ea612b 2009.0/i586/libxml2-python-2.7.1-1.1mdv2009.0.i586.rpm e74d2e54bbf8d2829619b389fff80524 2009.0/i586/libxml2-utils-2.7.1-1.1mdv2009.0.i586.rpm dc30b693323ce3836b08908773fa2eb2 2009.0/SRPMS/libxml2-2.7.1-1.1mdv2009.0.src.rpm