Oracle Errata SystemOracle Linux5.32021-09-09T12:47:53
ELSA-2013-0581: libxml2 security update (MODERATE)
Oracle Linux 5Oracle Linux 6
[2.7.6-12.0.1.el6_4.1]
- Update doc/redhat.gif in tarball
- Add libxml2-oracle-enterprise.patch and update logos in tarball
[2.7.6-12.el6_4.1]
-detect and stop excessive entities expansion upon replacement (rhbz#912574)
[2.7.6-12.el6]
- fix out of range heap access (CVE-2012-5134)
[2.7.6-11.el6]
- Change the XPath code to percolate allocation error (CVE-2011-1944)
[2.7.6-10.el6]
- Fix an off by one pointer access (CVE-2011-3102)
[2.7.6-9.el6]
- Fix a failure to report xmlreader parsing failures
- Fix parser local buffers size problems (rhbz#843742)
- Fix entities local buffers size problems (rhbz#843742)
- Fix an error in previous commit (rhbz#843742)
- Do not fetch external parsed entities
- Impose a reasonable limit on attribute size (rhbz#843742)
- Impose a reasonable limit on comment size (rhbz#843742)
- Impose a reasonable limit on PI size (rhbz#843742)
- Cleanups and new limit APIs for dictionaries (rhbz#843742)
- Introduce some default parser limits (rhbz#843742)
- Implement some default limits in the XPath module
- Fixup limits parser (rhbz#843742)
- Enforce XML_PARSER_EOF state handling through the parser
- Avoid quadratic behaviour in some push parsing cases (rhbz#843742)
- More avoid quadratic behaviour (rhbz#843742)
- Strengthen behaviour of the push parser in problematic situations (rhbz#843742)
- More fixups on the push parser behaviour (rhbz#843742)
- Fix a segfault on XSD validation on pattern error
- Fix an unimplemented part in RNG value validation
MODERATECopyright 2013 Oracle, Inc.CVE-2013-0338libxml2libxml2-devellibxml2-pythonlibxml2-staticoraclelinux-release66ced3de1e5e015972f97b74ec551f03^5ia640:2.6.26-2.1.21.0.1.el5_9.1x86_64i386^60:2.7.6-12.0.1.el6_4.1i686