[Frugalware-security] [ FSA-359 ] libxml2
voroskoi
noreply at frugalware.org
Mon Jan 21 21:22:45 CET 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Frugalware Security Advisory FSA-359
Date: 2008-01-21
Package: libxml2
Vulnerable versions: <= 2.6.30-1
Unaffected versions: >= 2.6.30-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2700
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284
Description
===========
A vulnerability has been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an unspecified error within the "xmlCurrentChar()" function. This can be exploited to trigger the execution of an infinite loop via specially crafted UTF-8 sequences.
Updated Packages
================
Check if you have libxml2 installed:
# pacman-g2 -Q libxml2
If found, then you should upgrade to the latest version:
# pacman-g2 -Sy libxml2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info
iD8DBQFHlP8VZ7NElSD1VhkRAhfzAJ4iwvMZWg05hCpW3/nJXQIYl3QTUQCfTRwQ
UHKA8zwjFPswy9aNFh+u8rA=
=Gl+l
-----END PGP SIGNATURE-----
More information about the Frugalware-security
mailing list