exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2010-260

Mandriva Linux Security Advisory 2010-260
Posted Dec 30, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-260 - A double free vulnerability in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2010-4494
SHA-256 | 87c0fd8a93b7c11d44f9ac4cbdb226583f286950747c052dadae170e3376c4ef

Mandriva Linux Security Advisory 2010-260

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:260
http://www.mandriva.com/security/
_______________________________________________________________________

Package : libxml2
Date : December 29, 2010
Affected: 2009.0, 2010.0, 2010.1, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A vulnerability was discovered and corrected in libxml2:

A double free vulnerability in libxml2 (xpath.c) allows remote
attackers to cause a denial of service or possibly have unspecified
other impact via vectors related to XPath handling (CVE-2010-4494).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2009.0:
96c73cd0275bf62c4f55f8b3ced65276 2009.0/i586/libxml2_2-2.7.1-1.6mdv2009.0.i586.rpm
d18337679504219933df364ff99654d1 2009.0/i586/libxml2-devel-2.7.1-1.6mdv2009.0.i586.rpm
0b19bed229abf10f37a0c8e53a78a17c 2009.0/i586/libxml2-python-2.7.1-1.6mdv2009.0.i586.rpm
6bf08a04ea7043f45701995a28a37e59 2009.0/i586/libxml2-utils-2.7.1-1.6mdv2009.0.i586.rpm
a025dd5329b18e0709d9085069345792 2009.0/SRPMS/libxml2-2.7.1-1.6mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
c024c8111a6d49dd066f770e70985f0f 2009.0/x86_64/lib64xml2_2-2.7.1-1.6mdv2009.0.x86_64.rpm
b97952e8024f2de6a527170169d78950 2009.0/x86_64/lib64xml2-devel-2.7.1-1.6mdv2009.0.x86_64.rpm
f9b44c5075667a92b63efbc37c3ab6d9 2009.0/x86_64/libxml2-python-2.7.1-1.6mdv2009.0.x86_64.rpm
307af2c16cc1f8e2a8f33add4d9359e8 2009.0/x86_64/libxml2-utils-2.7.1-1.6mdv2009.0.x86_64.rpm
a025dd5329b18e0709d9085069345792 2009.0/SRPMS/libxml2-2.7.1-1.6mdv2009.0.src.rpm

Mandriva Linux 2010.0:
fb23076b91a89a6c30dfe0a13c60a3a0 2010.0/i586/libxml2_2-2.7.6-1.2mdv2010.0.i586.rpm
2cfe197a520d50b7a4aacbe69e34d992 2010.0/i586/libxml2-devel-2.7.6-1.2mdv2010.0.i586.rpm
11a27a4fbe756782839fc251a03d03c9 2010.0/i586/libxml2-python-2.7.6-1.2mdv2010.0.i586.rpm
d63bf5a32e469c7c85ba8a0b32821375 2010.0/i586/libxml2-utils-2.7.6-1.2mdv2010.0.i586.rpm
86fe4255945ee8127d5a0377e8ac031f 2010.0/SRPMS/libxml2-2.7.6-1.2mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
6428ceadebd4b6244caef22abcb52364 2010.0/x86_64/lib64xml2_2-2.7.6-1.2mdv2010.0.x86_64.rpm
7ca4a16224eb8cf414923d9364d12c2f 2010.0/x86_64/lib64xml2-devel-2.7.6-1.2mdv2010.0.x86_64.rpm
381825a5af36865bb160ceccde4836b2 2010.0/x86_64/libxml2-python-2.7.6-1.2mdv2010.0.x86_64.rpm
bb58d3474eb59b21e98828bc2b430dfa 2010.0/x86_64/libxml2-utils-2.7.6-1.2mdv2010.0.x86_64.rpm
86fe4255945ee8127d5a0377e8ac031f 2010.0/SRPMS/libxml2-2.7.6-1.2mdv2010.0.src.rpm

Mandriva Linux 2010.1:
c250b5329744ededca54f1698b36db45 2010.1/i586/libxml2_2-2.7.7-1.2mdv2010.2.i586.rpm
646db4be689674625e8b834c4cb349bb 2010.1/i586/libxml2-devel-2.7.7-1.2mdv2010.2.i586.rpm
a47f416a65258e3988865a69a36c0aa2 2010.1/i586/libxml2-python-2.7.7-1.2mdv2010.2.i586.rpm
e9c0561f1d270470b2219fe2684f67a3 2010.1/i586/libxml2-utils-2.7.7-1.2mdv2010.2.i586.rpm
de403379ceefc94700f79c5b7b6600de 2010.1/SRPMS/libxml2-2.7.7-1.2mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
e95524d4092ef122d8e5af7dfba01738 2010.1/x86_64/lib64xml2_2-2.7.7-1.2mdv2010.2.x86_64.rpm
0616718db2f04e2a11af911cd2dad430 2010.1/x86_64/lib64xml2-devel-2.7.7-1.2mdv2010.2.x86_64.rpm
425b3c53f5b41b489c7c9a60eb999635 2010.1/x86_64/libxml2-python-2.7.7-1.2mdv2010.2.x86_64.rpm
da99f4986439660369d6f7856b65adaa 2010.1/x86_64/libxml2-utils-2.7.7-1.2mdv2010.2.x86_64.rpm
de403379ceefc94700f79c5b7b6600de 2010.1/SRPMS/libxml2-2.7.7-1.2mdv2010.2.src.rpm

Mandriva Enterprise Server 5:
ffc17c14de2a11a726f25267d5f37206 mes5/i586/libxml2_2-2.7.1-1.6mdvmes5.1.i586.rpm
df1dfe80537b71b903a8b9f0978722e6 mes5/i586/libxml2-devel-2.7.1-1.6mdvmes5.1.i586.rpm
fe58d1dbf99b24a773bc444749473574 mes5/i586/libxml2-python-2.7.1-1.6mdvmes5.1.i586.rpm
2d2205080bdf5d55534c91354f29f1b5 mes5/i586/libxml2-utils-2.7.1-1.6mdvmes5.1.i586.rpm
1eb0c0b6d274bd49a0209388fd25f2e1 mes5/SRPMS/libxml2-2.7.1-1.6mdvmes5.1.src.rpm

Mandriva Enterprise Server 5/X86_64:
0f6ec86023a30d2ac2314b8fc79bf431 mes5/x86_64/lib64xml2_2-2.7.1-1.6mdvmes5.1.x86_64.rpm
9cfac03d539b97a255e27e2038f607a9 mes5/x86_64/lib64xml2-devel-2.7.1-1.6mdvmes5.1.x86_64.rpm
b44f5a18eba059dc3ed2ece4af0e604e mes5/x86_64/libxml2-python-2.7.1-1.6mdvmes5.1.x86_64.rpm
7f3c07d27e2b8fa08674f16b0b5e64ee mes5/x86_64/libxml2-utils-2.7.1-1.6mdvmes5.1.x86_64.rpm
1eb0c0b6d274bd49a0209388fd25f2e1 mes5/SRPMS/libxml2-2.7.1-1.6mdvmes5.1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFNG1vlmqjQ0CJFipgRAk8hAJ4wwNOcgIDPvZpECml6UDoJAh7FbACgu/e5
KLbVXnunIbjMTSm3GPo/LxQ=
=xSaB
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close