[xml/sgml-pkgs] Bug#643648: CVE-2011-2834 and CVE-2011-2821

Moritz Mühlenhoff jmm at inutil.org
Mon Oct 10 16:24:25 UTC 2011


On Fri, Oct 07, 2011 at 09:02:00AM +0200, Mike Hommey wrote:
> On Wed, Sep 28, 2011 at 12:54:33PM +0200, Giuseppe Iuculano wrote:
> > Package: libxml2
> > Severity: serious
> > Tags: security
> > 
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > 
> > Hi,
> > 
> > two libxml2 issues were fixed in the latest Chrome updates:
> > 
> > CVE-2011-2821
> > Double free vulnerability in libxml2, as used in Google Chrome before
> > 13.0.782.215, allows remote attackers to cause a denial of service or
> > possibly have unspecified other impact via a crafted XPath expression.
> > 
> > Patch:
> > http://git.gnome.org/browse/libxml2/commit/?id=fec31bcd452e77c10579467ca87a785b41115de6
> > 
> > 
> > CVE-2011-2834
> > Double free vulnerability in libxml2, as used in Google Chrome before
> > 14.0.835.163, allows remote attackers to cause a denial of service or
> > possibly have unspecified other impact via vectors related to XPath
> > handling.
> > 
> > Patch: http://src.chromium.org/viewvc/chrome?view=rev&revision=98359
> 
> I'm going to push that to unstable, do we want stable/oldstable
> backports?

This doesn't allow code injection. Let's stack it up until a more severe
issue arises in libxml2. (Alternatively, we can fix it in a point update.)

Cheers,
        Moritz




