ELSA-2012-1288

ELSA-2012-1288 - libxml2 security update

Type:SECURITY
Severity:MODERATE
Release Date:2012-09-18

Description


[2.7.6-8.0.1.el6_3.3 ]
- Update doc/redhat.gif in tarball
- Add libxml2-oracle-enterprise.patch and update logos in tarball

[2.7.6-8.el6_3.3]
- Change the XPath code to percolate allocation error (CVE-2011-1944)

[2.7.6-8.el6_3.2]
- Fix an off by one pointer access (CVE-2011-3102)

[2.7.6-8.el6_3.1]
- Fix a failure to report xmlreader parsing failures
- Fix parser local buffers size problems (rhbz#843741)
- Fix entities local buffers size problems (rhbz#843741)
- Fix an error in previous commit (rhbz#843741)
- Do not fetch external parsed entities
- Impose a reasonable limit on attribute size (rhbz#843741)
- Impose a reasonable limit on comment size (rhbz#843741)
- Impose a reasonable limit on PI size (rhbz#843741)
- Cleanups and new limit APIs for dictionaries (rhbz#843741)
- Introduce some default parser limits (rhbz#843741)
- Implement some default limits in the XPath module
- Fixup limits parser (rhbz#843741)
- Enforce XML_PARSER_EOF state handling through the parser
- Avoid quadratic behaviour in some push parsing cases (rhbz#843741)
- More avoid quadratic behaviour (rhbz#843741)
- Strengthen behaviour of the push parser in problematic situations (rhbz#843741)
- More fixups on the push parser behaviour (rhbz#843741)
- Fix a segfault on XSD validation on pattern error
- Fix an unimplemented part in RNG value validation

[2.7.6-8.el6]
- remove chunk in patch related to configure.in as it breaks rebuild
- Resolves: rhbz#788846

[2.7.6-7.el6]
- fix previous build to force compilation of randomization code
- Resolves: rhbz#788846

[2.7.6-6.el6]
- adds randomization to hash and dict structures CVE-2012-0841
- Resolves: rhbz#788846

[2.7.6-5.el6]
- Make sure the parser returns when getting a Stop order CVE-2011-3905
- Fix an allocation error when copying entities CVE-2011-3919
- Resolves: rhbz#771910


Related CVEs


CVE-2011-3102
CVE-2012-2807

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 5 (i386) libxml2-2.6.26-2.1.15.0.1.el5_8.5.src.rpm4dd40bb169d4e34a122568bf64399a42ELSA-2014-1885
libxml2-2.6.26-2.1.15.0.1.el5_8.5.i386.rpme7db448df92a0cb9b19893b603467703ELSA-2014-1885
libxml2-devel-2.6.26-2.1.15.0.1.el5_8.5.i386.rpm26fca7c50675ee5620308fd3efc20a94ELSA-2014-1885
libxml2-python-2.6.26-2.1.15.0.1.el5_8.5.i386.rpm1ebc668b9d8170702a0d4588a38b753aELSA-2014-1885
Oracle Linux 5 (ia64) libxml2-2.6.26-2.1.15.0.1.el5_8.5.src.rpm4dd40bb169d4e34a122568bf64399a42ELSA-2014-1885
libxml2-2.6.26-2.1.15.0.1.el5_8.5.i386.rpme7db448df92a0cb9b19893b603467703ELSA-2014-1885
libxml2-2.6.26-2.1.15.0.1.el5_8.5.ia64.rpm8513f6e4edf13b37256f935f1f6d8d02ELSA-2014-1885
libxml2-devel-2.6.26-2.1.15.0.1.el5_8.5.ia64.rpm631e752e250e18eb8ec5809895d25ff2ELSA-2014-1885
libxml2-python-2.6.26-2.1.15.0.1.el5_8.5.ia64.rpmedf11f344e8c9afbc897b892b5a7f0e1ELSA-2014-1885
Oracle Linux 5 (x86_64) libxml2-2.6.26-2.1.15.0.1.el5_8.5.src.rpm4dd40bb169d4e34a122568bf64399a42ELSA-2014-1885
libxml2-2.6.26-2.1.15.0.1.el5_8.5.i386.rpme7db448df92a0cb9b19893b603467703ELSA-2014-1885
libxml2-2.6.26-2.1.15.0.1.el5_8.5.x86_64.rpm627bf37b5dde7b308b29cc7a5d187bd9ELSA-2014-1885
libxml2-devel-2.6.26-2.1.15.0.1.el5_8.5.i386.rpm26fca7c50675ee5620308fd3efc20a94ELSA-2014-1885
libxml2-devel-2.6.26-2.1.15.0.1.el5_8.5.x86_64.rpmf9e3e93206017d5401efdabd329444f2ELSA-2014-1885
libxml2-python-2.6.26-2.1.15.0.1.el5_8.5.x86_64.rpm31dbb3295c6d44b195261c1dbcf62947ELSA-2014-1885
Oracle Linux 6 (i386) libxml2-2.7.6-8.0.1.el6_3.3.src.rpm7402acd068adf3095a02164394f43411ELSA-2016-1292
libxml2-2.7.6-8.0.1.el6_3.3.i686.rpm44babacec27efd9b543110cd9e59e02bELSA-2016-1292
libxml2-devel-2.7.6-8.0.1.el6_3.3.i686.rpm29244b17fa7a124894d2fad1e1a7c1deELSA-2016-1292
libxml2-python-2.7.6-8.0.1.el6_3.3.i686.rpm8e1fc403022120273c63c457eb8773b2ELSA-2016-1292
libxml2-static-2.7.6-8.0.1.el6_3.3.i686.rpmbf95e382784163d3dc8c8d94c58fc1eeELSA-2016-1292
Oracle Linux 6 (x86_64) libxml2-2.7.6-8.0.1.el6_3.3.src.rpm7402acd068adf3095a02164394f43411ELSA-2016-1292
libxml2-2.7.6-8.0.1.el6_3.3.i686.rpm44babacec27efd9b543110cd9e59e02bELSA-2016-1292
libxml2-2.7.6-8.0.1.el6_3.3.x86_64.rpm0c0d6ef1267d478bc752984ee44ab11bELSA-2016-1292
libxml2-devel-2.7.6-8.0.1.el6_3.3.i686.rpm29244b17fa7a124894d2fad1e1a7c1deELSA-2016-1292
libxml2-devel-2.7.6-8.0.1.el6_3.3.x86_64.rpm681e4c60f7eefebc015996370ccef52eELSA-2016-1292
libxml2-python-2.7.6-8.0.1.el6_3.3.x86_64.rpm28b4f00aa9b428974f84ea0840cdcf25ELSA-2016-1292
libxml2-static-2.7.6-8.0.1.el6_3.3.x86_64.rpm6a9afa4c85b91ac48058998db948832aELSA-2016-1292



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete