what you don't know can hurt you

Mandriva Linux Security Advisory 2011-145

Mandriva Linux Security Advisory 2011-145
Posted Oct 10, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-145 - Double free vulnerabilities in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression and via vectors related to XPath handling.

tags | advisory, remote, denial of service, vulnerability
systems | linux, mandriva
advisories | CVE-2011-2821, CVE-2011-2834
MD5 | 52e8b3d4dd3c025b8c292f3ee81b3eed

Mandriva Linux Security Advisory 2011-145

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:145
http://www.mandriva.com/security/
_______________________________________________________________________

Package : libxml2
Date : October 9, 2011
Affected: 2009.0, 2010.1, 2011., Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

Double free vulnerabilities in libxml2 allows remote attackers to cause
a denial of service or possibly have unspecified other impact via a
crafted XPath expression and via vectors related to XPath handling
(CVE-2011-2821, CVE-2011-2834).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2009.0:
209b07b6de051ff5aec516f90d0422f4 2009.0/i586/libxml2_2-2.7.1-1.8mdv2009.0.i586.rpm
79a2f6e4f012fdd417f379e0b0036d54 2009.0/i586/libxml2-devel-2.7.1-1.8mdv2009.0.i586.rpm
cb0134183154b0014b08aad4b37ea73a 2009.0/i586/libxml2-python-2.7.1-1.8mdv2009.0.i586.rpm
118448ed71392dd8c2684277b49e4b74 2009.0/i586/libxml2-utils-2.7.1-1.8mdv2009.0.i586.rpm
b684a79602cb5e1bbf368642d85f68fa 2009.0/SRPMS/libxml2-2.7.1-1.8mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
998b5bb8b7d018f03136b646e1b06fdb 2009.0/x86_64/lib64xml2_2-2.7.1-1.8mdv2009.0.x86_64.rpm
b1df1cc7c73c6e8d5b3bc0d39f43fa8d 2009.0/x86_64/lib64xml2-devel-2.7.1-1.8mdv2009.0.x86_64.rpm
b2e99d7897c1bd6263017f02e98623ae 2009.0/x86_64/libxml2-python-2.7.1-1.8mdv2009.0.x86_64.rpm
b7dcd0efbe0280e34fe007e278932a77 2009.0/x86_64/libxml2-utils-2.7.1-1.8mdv2009.0.x86_64.rpm
b684a79602cb5e1bbf368642d85f68fa 2009.0/SRPMS/libxml2-2.7.1-1.8mdv2009.0.src.rpm

Mandriva Linux 2010.1:
b390da9668b76bcf7ffcc8a7bbb53cb5 2010.1/i586/libxml2_2-2.7.7-1.4mdv2010.2.i586.rpm
be6fd2244124176aabf9f89b051f7542 2010.1/i586/libxml2-devel-2.7.7-1.4mdv2010.2.i586.rpm
dceee4844d365d68c4fe84c69bdd45cc 2010.1/i586/libxml2-python-2.7.7-1.4mdv2010.2.i586.rpm
0e45e718e4ef244cb3da314d7d5fe170 2010.1/i586/libxml2-utils-2.7.7-1.4mdv2010.2.i586.rpm
a1f749d4ef5dc23d760d2d8dc79b7e80 2010.1/SRPMS/libxml2-2.7.7-1.4mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
8e9c6a2893459d61c8987a4791838c7f 2010.1/x86_64/lib64xml2_2-2.7.7-1.4mdv2010.2.x86_64.rpm
5a65bad0467ce6c6bccadedbd6ba7300 2010.1/x86_64/lib64xml2-devel-2.7.7-1.4mdv2010.2.x86_64.rpm
4b4add103bd98bfb13d92a83bd69d232 2010.1/x86_64/libxml2-python-2.7.7-1.4mdv2010.2.x86_64.rpm
67c5b1c6e287b153c521c125d7f4c40a 2010.1/x86_64/libxml2-utils-2.7.7-1.4mdv2010.2.x86_64.rpm
a1f749d4ef5dc23d760d2d8dc79b7e80 2010.1/SRPMS/libxml2-2.7.7-1.4mdv2010.2.src.rpm

Mandriva Linux 2011:
a06dd522b3cac6eb67be595b34edab80 2011/i586/libxml2_2-2.7.8-6.2-mdv2011.0.i586.rpm
d5356190d0ca32bb10d7df3bf4b53626 2011/i586/libxml2-devel-2.7.8-6.2-mdv2011.0.i586.rpm
c536fdef7c40640e2c22442ca17c2685 2011/i586/libxml2-python-2.7.8-6.2-mdv2011.0.i586.rpm
d414c5f632c4fb9ccf8452269548c5d4 2011/i586/libxml2-utils-2.7.8-6.2-mdv2011.0.i586.rpm
cae1d275c88bbb8f2d4ea3bc62c15066 2011/SRPMS/libxml2-2.7.8-6.2.src.rpm

Mandriva Linux 2011/X86_64:
2335fd4f854387849e11cbb3a373f619 2011/x86_64/lib64xml2_2-2.7.8-6.2-mdv2011.0.x86_64.rpm
64e6582b9f726f4eaa9a5d79f3277081 2011/x86_64/lib64xml2-devel-2.7.8-6.2-mdv2011.0.x86_64.rpm
9d35412e2549537879ea108350d7a252 2011/x86_64/libxml2-python-2.7.8-6.2-mdv2011.0.x86_64.rpm
8adc79ebc7ce22b78677467a64fd9074 2011/x86_64/libxml2-utils-2.7.8-6.2-mdv2011.0.x86_64.rpm
cae1d275c88bbb8f2d4ea3bc62c15066 2011/SRPMS/libxml2-2.7.8-6.2.src.rpm

Mandriva Enterprise Server 5:
dd45c34e2b9c3427a3e3322122918855 mes5/i586/libxml2_2-2.7.1-1.8mdvmes5.2.i586.rpm
e1ec6cbbf6db0ac41b80591c5697b72d mes5/i586/libxml2-devel-2.7.1-1.8mdvmes5.2.i586.rpm
44c69acf5ea338eeb1c2a885cd6d990b mes5/i586/libxml2-python-2.7.1-1.8mdvmes5.2.i586.rpm
50f4aab7fe60e69a38f5da6b3989c636 mes5/i586/libxml2-utils-2.7.1-1.8mdvmes5.2.i586.rpm
bbcb0ee0595285d0195be0b433b01f51 mes5/SRPMS/libxml2-2.7.1-1.8mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
2f5601898b050b63c6bcc67859b371cc mes5/x86_64/lib64xml2_2-2.7.1-1.8mdvmes5.2.x86_64.rpm
88c3f00377c5bec85a213459cb88f0cd mes5/x86_64/lib64xml2-devel-2.7.1-1.8mdvmes5.2.x86_64.rpm
8ccdad600cdae46d594f5ca37b1bcd57 mes5/x86_64/libxml2-python-2.7.1-1.8mdvmes5.2.x86_64.rpm
8ccf73d9975c8d88844af0230095e6eb mes5/x86_64/libxml2-utils-2.7.1-1.8mdvmes5.2.x86_64.rpm
bbcb0ee0595285d0195be0b433b01f51 mes5/SRPMS/libxml2-2.7.1-1.8mdvmes5.2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFOkc1HmqjQ0CJFipgRAjvzAJ4722/SxBvXd4qHdzYjvXjyOggU9ACg7Klc
ZReJPcU+Y7vdYaWPNy9r0/w=
=DRnl
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

March 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    2 Files
  • 2
    Mar 2nd
    18 Files
  • 3
    Mar 3rd
    15 Files
  • 4
    Mar 4th
    12 Files
  • 5
    Mar 5th
    19 Files
  • 6
    Mar 6th
    8 Files
  • 7
    Mar 7th
    1 Files
  • 8
    Mar 8th
    1 Files
  • 9
    Mar 9th
    11 Files
  • 10
    Mar 10th
    15 Files
  • 11
    Mar 11th
    9 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    13 Files
  • 14
    Mar 14th
    10 Files
  • 15
    Mar 15th
    13 Files
  • 16
    Mar 16th
    27 Files
  • 17
    Mar 17th
    15 Files
  • 18
    Mar 18th
    23 Files
  • 19
    Mar 19th
    25 Files
  • 20
    Mar 20th
    10 Files
  • 21
    Mar 21st
    6 Files
  • 22
    Mar 22nd
    1 Files
  • 23
    Mar 23rd
    22 Files
  • 24
    Mar 24th
    15 Files
  • 25
    Mar 25th
    23 Files
  • 26
    Mar 26th
    20 Files
  • 27
    Mar 27th
    15 Files
  • 28
    Mar 28th
    10 Files
  • 29
    Mar 29th
    1 Files
  • 30
    Mar 30th
    18 Files
  • 31
    Mar 31st
    6 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close