[xml/sgml-pkgs] Bug#278622: libxml2: CAN-2004-0989: multiple buffer overflows
Martin Pitt
Martin Pitt <martin.pitt@canonical.com>, 278622@bugs.debian.org
Thu, 28 Oct 2004 11:19:38 +0200
--pf9I7BMVVzbSWLtt
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Package: libxml2
Version: 2.6.11-3
Severity: critical
Tags: patch
libxml2 is vulnerable to CAN-2004-0989. Please see=20
http://www.securityfocus.com/archive/1/379383/2004-10-24/2004-10-30/0
=20
for details.
I just uploaded fixed Ubuntu packages; the package interdiff
containing the patch can be downloaded from our bug tracking system:
https://bugzilla.ubuntulinux.org/show_bug.cgi?id=3D2809
Thanks,
Martin
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.7
Locale: LANG=3Dde_DE.UTF-8, LC_CTYPE=3Dde_DE.UTF-8
Versions of packages libxml2 depends on:
ii libc6 2.3.2.ds1-18 GNU C Library: Shared librarie=
s an
ii zlib1g 1:1.2.2-1 compression library - runtime
-- no debconf information
--=20
Martin Pitt http://www.piware.de
Ubuntu Developer http://www.ubuntulinux.org
Debian GNU/Linux Developer http://www.debian.org
--pf9I7BMVVzbSWLtt
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBgLmpDecnbV4Fd/IRAqdAAJwKHerMGQLRyncAYtzh32LuH3/wDACfQROf
wYu9IuP+P1FuX2mdMGsVgm0=
=Hmqh
-----END PGP SIGNATURE-----
--pf9I7BMVVzbSWLtt--