|
|
>> Mandriva Security Update Fixes Libxml2 Denial of Service Vulnerability
|
Title : Mandriva Security Update Fixes Libxml2 Denial of Service Vulnerability
VUPEN ID : VUPEN/ADV-2008-2434
CVE ID : CVE-2008-3281
Rated as : Low Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2008-08-25
|
A vulnerability has been identified in Mandriva, which could be exploited by attackers to cause a denial of service. This issue is caused by an error in Libxml2. For additional information, see : VUPEN/ADV-2008-2419
Affected Products
Mandriva Linux 2007.1
Mandriva Linux 2008.0
Mandriva Linux 2008.1
Mandriva Corporate 3.0
Mandriva Corporate 4.0
Solution
Upgrade the affected packages :
Mandriva Linux 2007.1:
0e7e7f12391a30bcad97148156c4021e 2007.1/i586/libxml2-2.6.27-3.3mdv2007.1.i586.rpm
0b5ac70ca6d0c4629b55f22de5b4cfe1 2007.1/i586/libxml2-devel-2.6.27-3.3mdv2007.1.i586.rpm
7f0f963039543e0c355ed6bc265b892d 2007.1/i586/libxml2-python-2.6.27-3.3mdv2007.1.i586.rpm
f838395420a606ff99506083d7724446 2007.1/i586/libxml2-utils-2.6.27-3.3mdv2007.1.i586.rpm
13c600c7dc6b122382e4954dd6f860d9 2007.1/SRPMS/libxml2-2.6.27-3.3mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
d870241070ef7910492520f3d82e7ac4 2007.1/x86_64/lib64xml2-2.6.27-3.3mdv2007.1.x86_64.rpm
a80401388080f9edfe7c18cb5e7546a4 2007.1/x86_64/lib64xml2-devel-2.6.27-3.3mdv2007.1.x86_64.rpm
74a8562ab17245e69d2aedc7caee0cbe 2007.1/x86_64/lib64xml2-python-2.6.27-3.3mdv2007.1.x86_64.rpm
bc2205dbc15c0a79823bc194ec44239b 2007.1/x86_64/libxml2-utils-2.6.27-3.3mdv2007.1.x86_64.rpm
13c600c7dc6b122382e4954dd6f860d9 2007.1/SRPMS/libxml2-2.6.27-3.3mdv2007.1.src.rpm
Mandriva Linux 2008.0:
74c2de7a4de03821464265c2fa92ff31 2008.0/i586/libxml2_2-2.6.30-1.3mdv2008.0.i586.rpm
d65194af9740f35526643d57a17cfe09 2008.0/i586/libxml2-devel-2.6.30-1.3mdv2008.0.i586.rpm
74be68dc85fbced68366d4d98dd892fe 2008.0/i586/libxml2-python-2.6.30-1.3mdv2008.0.i586.rpm
5f0bcfb876ab3f3dd2f6a77445c69c32 2008.0/i586/libxml2-utils-2.6.30-1.3mdv2008.0.i586.rpm
f01b8b581b2f7169d1fda3b981fbeb47 2008.0/SRPMS/libxml2-2.6.30-1.3mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
5d8132763cbdf5d4413b8745a72861d0 2008.0/x86_64/lib64xml2_2-2.6.30-1.3mdv2008.0.x86_64.rpm
28403f0cdb42beb96ea462da49eb2acf 2008.0/x86_64/lib64xml2-devel-2.6.30-1.3mdv2008.0.x86_64.rpm
efe6ca94eed2d71ef250fca9debe9398 2008.0/x86_64/libxml2-python-2.6.30-1.3mdv2008.0.x86_64.rpm
5aab5928d06cb2c83062ffe8ee735c32 2008.0/x86_64/libxml2-utils-2.6.30-1.3mdv2008.0.x86_64.rpm
f01b8b581b2f7169d1fda3b981fbeb47 2008.0/SRPMS/libxml2-2.6.30-1.3mdv2008.0.src.rpm
Mandriva Linux 2008.1:
293f299a02310a9983b10af19feff376 2008.1/i586/libxml2_2-2.6.31-1.2mdv2008.1.i586.rpm
80f545767f13d8fd4932dacacee20a33 2008.1/i586/libxml2-devel-2.6.31-1.2mdv2008.1.i586.rpm
454e8ddd1c1992d246c79c753b8223ee 2008.1/i586/libxml2-python-2.6.31-1.2mdv2008.1.i586.rpm
1c6c58c30f702a2bb0728ebe0e1b6419 2008.1/i586/libxml2-utils-2.6.31-1.2mdv2008.1.i586.rpm
83b3d77f4c2670c122dac49be9f881ad 2008.1/SRPMS/libxml2-2.6.31-1.2mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64:
6ae456ff0cbb8807b3e4410f125a3d13 2008.1/x86_64/lib64xml2_2-2.6.31-1.2mdv2008.1.x86_64.rpm
a34fa905949d6e6a7a075b1973972969 2008.1/x86_64/lib64xml2-devel-2.6.31-1.2mdv2008.1.x86_64.rpm
f5c0f33902c572af1e410d05132c48d5 2008.1/x86_64/libxml2-python-2.6.31-1.2mdv2008.1.x86_64.rpm
e77f3c3294711f26776aab859f4766e8 2008.1/x86_64/libxml2-utils-2.6.31-1.2mdv2008.1.x86_64.rpm
83b3d77f4c2670c122dac49be9f881ad 2008.1/SRPMS/libxml2-2.6.31-1.2mdv2008.1.src.rpm
Corporate 3.0:
7d5936c9d0511ed95f6fcf08a5294cfe corporate/3.0/i586/libxml2-2.6.6-1.4.C30mdk.i586.rpm
f28230a8224650d5b39bd58d3f4622b1 corporate/3.0/i586/libxml2-devel-2.6.6-1.4.C30mdk.i586.rpm
843c80943883b90d12ad32cda2d83326 corporate/3.0/i586/libxml2-python-2.6.6-1.4.C30mdk.i586.rpm
3bc2ec50ad15487d061dafd6d9f531c3 corporate/3.0/i586/libxml2-utils-2.6.6-1.4.C30mdk.i586.rpm
92810ebaa102c5cb0ff668c71618324f corporate/3.0/SRPMS/libxml2-2.6.6-1.4.C30mdk.src.rpm
Corporate 3.0/X86_64:
071e045bc41c2ef21a9f84fbc370b0ad corporate/3.0/x86_64/lib64xml2-2.6.6-1.4.C30mdk.x86_64.rpm
8acdbcbd8e6e627da9ef9f5cbc8f4376 corporate/3.0/x86_64/lib64xml2-devel-2.6.6-1.4.C30mdk.x86_64.rpm
8d6996f11cfcb04f40f2683b4130c8ae corporate/3.0/x86_64/lib64xml2-python-2.6.6-1.4.C30mdk.x86_64.rpm
951f1f1e387b5e7532692bd8995ceb6b corporate/3.0/x86_64/libxml2-utils-2.6.6-1.4.C30mdk.x86_64.rpm
92810ebaa102c5cb0ff668c71618324f corporate/3.0/SRPMS/libxml2-2.6.6-1.4.C30mdk.src.rpm
Corporate 4.0:
a567e8e1be2bac04e0d195a664b6d19e corporate/4.0/i586/libxml2-2.6.21-3.3.20060mlcs4.i586.rpm
22166fa3ef87d411aaecc65b91865b16 corporate/4.0/i586/libxml2-devel-2.6.21-3.3.20060mlcs4.i586.rpm
528badeb9e54049b50bba71340e3d746 corporate/4.0/i586/libxml2-python-2.6.21-3.3.20060mlcs4.i586.rpm
0f2112cd522c42c0a0f37e650c73f5fe corporate/4.0/i586/libxml2-utils-2.6.21-3.3.20060mlcs4.i586.rpm
635d80e411a9879305e3680d8ae580e2 corporate/4.0/SRPMS/libxml2-2.6.21-3.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
5ce85e1e45a61879aae403d14f1855c9 corporate/4.0/x86_64/lib64xml2-2.6.21-3.3.20060mlcs4.x86_64.rpm
7f62f9b30269146108dcbdb6739bcfcf corporate/4.0/x86_64/lib64xml2-devel-2.6.21-3.3.20060mlcs4.x86_64.rpm
0d036dfba5b6f6b3808da1990c81a052 corporate/4.0/x86_64/lib64xml2-python-2.6.21-3.3.20060mlcs4.x86_64.rpm
a14d4aece647e7cec6b6c908d6c2ac90 corporate/4.0/x86_64/libxml2-utils-2.6.21-3.3.20060mlcs4.x86_64.rpm
635d80e411a9879305e3680d8ae580e2 corporate/4.0/SRPMS/libxml2-2.6.21-3.3.20060mlcs4.src.rpm
References
http://www.vupen.com/english/advisories/2008/2434
http://archives.mandrivalinux.com/security-announce/2008-08/msg00023.php
http://archives.mandrivalinux.com/security-announce/2008-08/msg00024.php
ChangeLog
2008-08-25 : Initial release
2008-08-27 : Updated Solution
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
