Package name
libxml2
Date
2010-11-29
Advisory ID
MDVSA-2010:243
Affected versions
2009.0 x86_64 , MES5 i586 , 2010.0 x86_64 , 2010.1 i586 , 2010.0 i586 , 2009.0 i586 , CS4.0 i586 , CS4.0 x86_64 , MES5 x86_64 , 2010.1 x86_64

Problem description

A vulnerability was discovered and corrected in libxml2:

libxml2 before 2.7.8 reads from invalid memory locations
during processing of malformed XPath expressions, which allows
context-dependent attackers to cause a denial of service (application
crash) via a crafted XML document (CVE-2010-4008).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.

Updated packages

2009.0 x86_64

 aab2482cab13939e3d0ce93cfdd2d1b2  2009.0/x86_64/lib64xml2_2-2.7.1-1.5mdv2009.0.x86_64.rpm
 bac2084ecea5fd9459bd90f34f853045  2009.0/x86_64/lib64xml2-devel-2.7.1-1.5mdv2009.0.x86_64.rpm
 418b6a3177323b782d9bb191f2d491e1  2009.0/x86_64/libxml2-python-2.7.1-1.5mdv2009.0.x86_64.rpm
 69fd3a07ad8ac5a5eb44e2d1414104db  2009.0/x86_64/libxml2-utils-2.7.1-1.5mdv2009.0.x86_64.rpm 
 51bdedc951b8bbb6bbc3748c6a4b5f1f  2009.0/SRPMS/libxml2-2.7.1-1.5mdv2009.0.src.rpm

MES5 i586

 4bc323f7bc1dab4927a7e8c4838ccc20  mes5/i586/libxml2_2-2.7.1-1.5mdvmes5.1.i586.rpm
 5a1d23b817beb1fe3f2e939b0d2909ad  mes5/i586/libxml2-devel-2.7.1-1.5mdvmes5.1.i586.rpm
 f53fd718b6f6e8e0e30b01aeb12b2f47  mes5/i586/libxml2-python-2.7.1-1.5mdvmes5.1.i586.rpm
 717dc7dee73859eb65f68195fa4f80bc  mes5/i586/libxml2-utils-2.7.1-1.5mdvmes5.1.i586.rpm 
 5fbf33c05587c8d4f1708737d52ffd58  mes5/SRPMS/libxml2-2.7.1-1.5mdvmes5.1.src.rpm

2010.0 x86_64

 c63c714501a5b8ca2b9b6e9d5e937ddb  2010.0/x86_64/lib64xml2_2-2.7.6-1.1mdv2010.0.x86_64.rpm
 657be2ee648752464520066023bd30ea  2010.0/x86_64/lib64xml2-devel-2.7.6-1.1mdv2010.0.x86_64.rpm
 9d59d8f80191f2ed759de95958b4e0db  2010.0/x86_64/libxml2-python-2.7.6-1.1mdv2010.0.x86_64.rpm
 e2d0e7fdba10ad335bb9b58d0d8afb66  2010.0/x86_64/libxml2-utils-2.7.6-1.1mdv2010.0.x86_64.rpm 
 145009255e759becf090ccbb7a222776  2010.0/SRPMS/libxml2-2.7.6-1.1mdv2010.0.src.rpm

2010.1 i586

 e593d08acde951507fce73dbdf279b36  2010.1/i586/libxml2_2-2.7.7-1.1mdv2010.1.i586.rpm
 53b338fe99b6824cb6edb16e3d388b51  2010.1/i586/libxml2-devel-2.7.7-1.1mdv2010.1.i586.rpm
 139dacf78c8fb08030a5182784c112ec  2010.1/i586/libxml2-python-2.7.7-1.1mdv2010.1.i586.rpm
 8dda64f49b49952502c50bf245ebf678  2010.1/i586/libxml2-utils-2.7.7-1.1mdv2010.1.i586.rpm 
 199d8b8af1f42c409b18e51731baf896  2010.1/SRPMS/libxml2-2.7.7-1.1mdv2010.1.src.rpm

2010.0 i586

 fb5c9604e47d24e09ad712a649fcc35c  2010.0/i586/libxml2_2-2.7.6-1.1mdv2010.0.i586.rpm
 6403c9bdaed960dbb3bcbe68666a52b7  2010.0/i586/libxml2-devel-2.7.6-1.1mdv2010.0.i586.rpm
 586212f51e0791a0f2a38c7be5d9716a  2010.0/i586/libxml2-python-2.7.6-1.1mdv2010.0.i586.rpm
 3be0dee356f402a507ad6b5d7a325a6d  2010.0/i586/libxml2-utils-2.7.6-1.1mdv2010.0.i586.rpm 
 145009255e759becf090ccbb7a222776  2010.0/SRPMS/libxml2-2.7.6-1.1mdv2010.0.src.rpm

2009.0 i586

 cae85730aaa16e754195e18b2b128d48  2009.0/i586/libxml2_2-2.7.1-1.5mdv2009.0.i586.rpm
 f4edef0bd2539c874a4ee18dd3235495  2009.0/i586/libxml2-devel-2.7.1-1.5mdv2009.0.i586.rpm
 592bbd5ad884cb7f15626d8ec00a945c  2009.0/i586/libxml2-python-2.7.1-1.5mdv2009.0.i586.rpm
 abfc530fe15542acf77e3abee46c5348  2009.0/i586/libxml2-utils-2.7.1-1.5mdv2009.0.i586.rpm 
 51bdedc951b8bbb6bbc3748c6a4b5f1f  2009.0/SRPMS/libxml2-2.7.1-1.5mdv2009.0.src.rpm

CS4.0 i586

 0c4e8b2ac2a276d280b66b6fa8551450  corporate/4.0/i586/libxml2-2.6.21-3.7.20060mlcs4.i586.rpm
 53ccb20aea237421519e86d717a65369  corporate/4.0/i586/libxml2-devel-2.6.21-3.7.20060mlcs4.i586.rpm
 d08ff4980c6aca39516d1e726fbb974c  corporate/4.0/i586/libxml2-python-2.6.21-3.7.20060mlcs4.i586.rpm
 fb30f123c27a29bd1efe793cfc257f90  corporate/4.0/i586/libxml2-utils-2.6.21-3.7.20060mlcs4.i586.rpm 
 46e9c8c019741553dd345a4d4487eb49  corporate/4.0/SRPMS/libxml2-2.6.21-3.7.20060mlcs4.src.rpm

CS4.0 x86_64

 92bc21ac3d7d357222b563fcb324b3c3  corporate/4.0/x86_64/lib64xml2-2.6.21-3.7.20060mlcs4.x86_64.rpm
 eb0624c01c1c4d3252ddeaf8163134eb  corporate/4.0/x86_64/lib64xml2-devel-2.6.21-3.7.20060mlcs4.x86_64.rpm
 80b58173e21e7f9e57b88082eccbefdc  corporate/4.0/x86_64/lib64xml2-python-2.6.21-3.7.20060mlcs4.x86_64.rpm
 5b7d80b623a1dc07e5dd319919a11fbc  corporate/4.0/x86_64/libxml2-utils-2.6.21-3.7.20060mlcs4.x86_64.rpm 
 46e9c8c019741553dd345a4d4487eb49  corporate/4.0/SRPMS/libxml2-2.6.21-3.7.20060mlcs4.src.rpm

MES5 x86_64

 06e99ea43205f25da07f39ea5fcc9233  mes5/x86_64/lib64xml2_2-2.7.1-1.5mdvmes5.1.x86_64.rpm
 3ee19da3eebf29286a0543da82ba3707  mes5/x86_64/lib64xml2-devel-2.7.1-1.5mdvmes5.1.x86_64.rpm
 5f1d18dc754447947dd88a1b1cd7ab1d  mes5/x86_64/libxml2-python-2.7.1-1.5mdvmes5.1.x86_64.rpm
 ef5f8b03f8006957af1c289aa61600e1  mes5/x86_64/libxml2-utils-2.7.1-1.5mdvmes5.1.x86_64.rpm 
 5fbf33c05587c8d4f1708737d52ffd58  mes5/SRPMS/libxml2-2.7.1-1.5mdvmes5.1.src.rpm

2010.1 x86_64

 75633f5ec4ef9eebdac70a9ecaab2449  2010.1/x86_64/lib64xml2_2-2.7.7-1.1mdv2010.1.x86_64.rpm
 e452646c112108d11d29a4ba78fba487  2010.1/x86_64/lib64xml2-devel-2.7.7-1.1mdv2010.1.x86_64.rpm
 688e113fc36a3d51ee099e0e2ecaa28a  2010.1/x86_64/libxml2-python-2.7.7-1.1mdv2010.1.x86_64.rpm
 493d57c4ec894516f11b69015b31ef5a  2010.1/x86_64/libxml2-utils-2.7.7-1.1mdv2010.1.x86_64.rpm 
 199d8b8af1f42c409b18e51731baf896  2010.1/SRPMS/libxml2-2.7.7-1.1mdv2010.1.src.rpm

References