ELSA-2012-0324

Опубликовано: 21 фев. 2012

Источник: oracle-oval

Платформа: Oracle Linux 5

Платформа: Oracle Linux 6

Описание

ELSA-2012-0324: libxml2 security update (MODERATE)

[2.7.6-4.0.1.el6_2.4]

Update doc/redhat.gif in tarball
Add libxml2-oracle-enterprise.patch and update logos in tarball

[2.7.6-4.el6_2.4]

remove chunk in patch related to configure.in as it breaks rebuild
Resolves: rhbz#788845

[2.7.6-4.el6_2.3]

fix previous build to force compilation of randomization code
Resolves: rhbz#788845

[2.7.6-4.el6_2.2]

adds randomization to hash and dict structures CVE-2012-0841
Resolves: rhbz#788845

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

libxml2

2.6.26-2.1.15.0.1.el5_8.2

libxml2-devel

2.6.26-2.1.15.0.1.el5_8.2

libxml2-python

2.6.26-2.1.15.0.1.el5_8.2

Oracle Linux x86_64

libxml2

2.6.26-2.1.15.0.1.el5_8.2

libxml2-devel

2.6.26-2.1.15.0.1.el5_8.2

libxml2-python

2.6.26-2.1.15.0.1.el5_8.2

Oracle Linux i386

libxml2

2.6.26-2.1.15.0.1.el5_8.2

libxml2-devel

2.6.26-2.1.15.0.1.el5_8.2

libxml2-python

2.6.26-2.1.15.0.1.el5_8.2

Oracle Linux 6

Oracle Linux x86_64

libxml2

2.7.6-4.0.1.el6_2.4

libxml2-devel

2.7.6-4.0.1.el6_2.4

libxml2-python

2.7.6-4.0.1.el6_2.4

libxml2-static

2.7.6-4.0.1.el6_2.4

Oracle Linux i686

libxml2

2.7.6-4.0.1.el6_2.4

libxml2-devel

2.7.6-4.0.1.el6_2.4

libxml2-python

2.7.6-4.0.1.el6_2.4

libxml2-static

2.7.6-4.0.1.el6_2.4

Связанные CVE

CVE-2012-0841

Ссылки на источники

Связанные уязвимости

CVE-2012-0841

ubuntu

больше 12 лет назад

libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data.

CVE-2012-0841

redhat

больше 13 лет назад

CVE-2012-0841

nvd

больше 12 лет назад

CVE-2012-0841

debian

больше 12 лет назад

libxml2 before 2.8.0 computes hash values without restricting the abil ...

GHSA-339p-rqfr-wg3j

github

около 3 лет назад