Oval Definition:oval:com.redhat.rhsa:def:20141655
Revision Date:2014-10-16Version:635
Title:RHSA-2014:1655: libxml2 security update (Moderate)
Description:The libxml2 library is a development toolbox providing the implementation of various XML standards.

  • A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior. (CVE-2014-3660)

    All libxml2 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2014-3660
    CVE-2014-3660
    RHSA-2014:1655
    RHSA-2014:1655-00
    RHSA-2014:1655-02
    Platform(s):Red Hat Enterprise Linux 6
    Red Hat Enterprise Linux 7
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • libxml2 is earlier than 0:2.9.1-5.el7_0.1
  • AND libxml2 is signed with Red Hat redhatrelease2 key
  • libxml2-devel is earlier than 0:2.9.1-5.el7_0.1
  • AND libxml2-devel is signed with Red Hat redhatrelease2 key
  • libxml2-python is earlier than 0:2.9.1-5.el7_0.1
  • AND libxml2-python is signed with Red Hat redhatrelease2 key
  • libxml2-static is earlier than 0:2.9.1-5.el7_0.1
  • AND libxml2-static is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • libxml2 is earlier than 0:2.7.6-17.el6_6.1
  • AND libxml2 is signed with Red Hat redhatrelease2 key
  • libxml2-devel is earlier than 0:2.7.6-17.el6_6.1
  • AND libxml2-devel is signed with Red Hat redhatrelease2 key
  • libxml2-python is earlier than 0:2.7.6-17.el6_6.1
  • AND libxml2-python is signed with Red Hat redhatrelease2 key
  • libxml2-static is earlier than 0:2.7.6-17.el6_6.1
  • AND libxml2-static is signed with Red Hat redhatrelease2 key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 7 Client is installed
  • OR Red Hat Enterprise Linux 7 Server is installed
  • OR Red Hat Enterprise Linux 7 Workstation is installed
  • OR Red Hat Enterprise Linux 7 ComputeNode is installed
  • AND
  • libxml2 is earlier than 0:2.9.1-5.el7_0.1
  • AND libxml2 is signed with Red Hat redhatrelease2 key
  • libxml2-devel is earlier than 0:2.9.1-5.el7_0.1
  • AND libxml2-devel is signed with Red Hat redhatrelease2 key
  • libxml2-python is earlier than 0:2.9.1-5.el7_0.1
  • AND libxml2-python is signed with Red Hat redhatrelease2 key
  • libxml2-static is earlier than 0:2.9.1-5.el7_0.1
  • AND libxml2-static is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 6 Client is installed
  • OR Red Hat Enterprise Linux 6 Server is installed
  • OR Red Hat Enterprise Linux 6 Workstation is installed
  • OR Red Hat Enterprise Linux 6 ComputeNode is installed
  • AND
  • libxml2 is earlier than 0:2.7.6-17.el6_6.1
  • AND libxml2 is signed with Red Hat redhatrelease2 key
  • libxml2-devel is earlier than 0:2.7.6-17.el6_6.1
  • AND libxml2-devel is signed with Red Hat redhatrelease2 key
  • libxml2-python is earlier than 0:2.7.6-17.el6_6.1
  • AND libxml2-python is signed with Red Hat redhatrelease2 key
  • libxml2-static is earlier than 0:2.7.6-17.el6_6.1
  • AND libxml2-static is signed with Red Hat redhatrelease2 key
    • BACK