Oval Definition:oval:org.mitre.oval:def:8180
Revision Date:2014-06-23Version:17
Title:DSA-1461 libxml2 -- missing input validation
Description:Brad Fitzpatrick discovered that the UTF-8 decoding functions of libxml2, the GNOME XML library, validate UTF-8 correctness insufficiently, which may lead to denial of service by forcing libxml2 into an infinite loop. For the old stable distribution (sarge), this problem has been fixed in version 2.6.16-7sarge1. For the stable distribution (etch), this problem has been fixed in version 2.6.27.dfsg-2. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your libxml2 packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2007-6284
DSA-1461
Platform(s):Debian GNU/Linux 3.1
Debian GNU/Linux 4.0
Product(s):libxml2
Definition Synopsis
  • Release section
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND libxml2-doc is earlier than 2.6.27.dfsg-2
  • OR Architecture dependent section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is hppa
  • AND Packages section
  • libxml2 is earlier than 2.6.27.dfsg-2
  • OR libxml2-dev is earlier than 2.6.27.dfsg-2
  • OR libxml2-dbg is earlier than 2.6.27.dfsg-2
  • OR python-libxml2 is earlier than 2.6.27.dfsg-2
  • OR libxml2-utils is earlier than 2.6.27.dfsg-2
  • OR Release section
  • Debian GNU/Linux 3.1 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • python-libxml2 is earlier than 2.6.16-7sarge1
  • OR libxml2-doc is earlier than 2.6.16-7sarge1
  • OR libxml2-python2.3 is earlier than 2.6.16-7sarge1
  • OR Architecture dependent section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is hppa
  • AND Packages section
  • python2.2-libxml2 is earlier than 2.6.16-7sarge1
  • OR libxml2-utils is earlier than 2.6.16-7sarge1
  • OR libxml2 is earlier than 2.6.16-7sarge1
  • OR python2.3-libxml2 is earlier than 2.6.16-7sarge1
  • OR python2.4-libxml2 is earlier than 2.6.16-7sarge1
  • OR libxml2-dev is earlier than 2.6.16-7sarge1
    • BACK