Debian Security Advisory 4086-1

Debian Security Advisory 4086-1: Posted Jan 15, 2018; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4086-1 - Nick Wellnhofer discovered that certain function calls inside XPath predicates can lead to use-after-free and double-free errors when executed by libxml2's XPath engine via an XSLT transformation.; tags | advisory; systems | linux, debian; advisories | CVE-2017-15412; SHA-256 | c9350e61620a42729e564c1f542c28ca1791cd838a58a1978f932f188025a3f5; Download | Favorite | View

Debian Security Advisory 4086-1


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4086-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
January 13, 2018                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libxml2
CVE ID         : CVE-2017-15412
Debian Bug     : 883790

Nick Wellnhofer discovered that certain function calls inside XPath
predicates can lead to use-after-free and double-free errors when
executed by libxml2's XPath engine via an XSLT transformation.

For the oldstable distribution (jessie), this problem has been fixed
in version 2.9.1+dfsg1-5+deb8u6.

For the stable distribution (stretch), this problem has been fixed in
version 2.9.4+dfsg1-2.2+deb9u2.

We recommend that you upgrade your libxml2 packages.

For the detailed security status of libxml2 please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/libxml2

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlpaNZ1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0T36Q/9FndoMjDnq0FHYDjDu1P3HdQnsbCsDDIRMVx7xPhaPgAYjXaCIGCkw5vQ
ib0QddenfirPEtX46xER/QoreBGe8HhzjUNzOYgmWYgpnSLvW+GIlBUeRrebX6c0
zWBvsWxjxNbgEqllAR2DD6OKvXz7y1ZIV7vDHVTmSIDc7hxMgf/Ypb3kURpdq9HH
6JnM9aIeRJFaw/MB6jwBShHEp5tUaIx5j4JYX1oI4mqdqhImH1wXiERp72TrYhPV
4NzB1ANwCwQTQhPQGKCe5ecdNfGOGhhmtS9U5CrdqjWL0lc2ryXdBh1Aitdty+dx
EbK5K+A15syFtVpCLCf8IOnpIPR+bgkDlnTflXoCEfczrOZ2vXKb5GDV+fWYZ1Hr
OTpDakt40H0KSPg2dOOHynpcuuIkFrd70Bhsb6svvlrlB/45ZjuiUXrSH9fYIsxX
phbFtPglrKKAK5i+mmLR5vyERJnFp4zL9N2XV6BBvoeMF99+vj5COWFyX3FSFpvI
izVYX/uPmHJ4DhSsxWs0xkIL+sLRCIMvTWWjQj308eBAqqpQtK2M8ai86+XfhG/8
jN94aZVEk24FNalifHWmecK5Nul7Q0jfxKFHQlQfDZhhNXUuvaW/mHWAkNPoB0UG
mFQCoFn6m/9p56/P+N3mu1B7PjmrIZntCMhFHXtFoo8WdjJITso=
=TV2m
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 270 files
indoushka 155 files
Jay Turla 150 files
Ubuntu 66 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Debian 22 files

File Archives

Systems

AIX (430)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,118)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,096)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,754)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,812)
UNIX (9,453)
UnixWare (188)
Windows (6,765)
Other

Debian Security Advisory 4086-1

Debian Security Advisory 4086-1

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4086-1

Share This

Debian Security Advisory 4086-1

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems