============================================================================ Ubuntu Security Notice USN-1587-1 September 27, 2012 libxml2 vulnerability ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS Summary: Applications using libxml2 could be made to crash or run programs as your login if they opened a specially crafted file. Software Description: - libxml2: GNOME XML library Details: Juri Aedla discovered that libxml2 incorrectly handled certain memory operations. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: libxml2 2.7.8.dfsg-5.1ubuntu4.2 Ubuntu 11.10: libxml2 2.7.8.dfsg-4ubuntu0.4 Ubuntu 11.04: libxml2 2.7.8.dfsg-2ubuntu0.5 Ubuntu 10.04 LTS: libxml2 2.7.6.dfsg-1ubuntu1.6 Ubuntu 8.04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.10 After a standard system update you need to reboot your computer to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1587-1 CVE-2012-2807 Package Information: https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-5.1ubuntu4.2 https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-4ubuntu0.4 https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-2ubuntu0.5 https://launchpad.net/ubuntu/+source/libxml2/2.7.6.dfsg-1ubuntu1.6 https://launchpad.net/ubuntu/+source/libxml2/2.6.31.dfsg-2ubuntu1.10