Linux Security
    Linux Security
    Linux Security

    Debian: DSA-2128-1: New libxml2 packages fix potential code execution

    Posted By
    Bui Quang Minh discovered that libxml2, a library for parsing and handling XML data files, does not well process a malformed XPATH, causing crash and allowing arbitrary code execution.
    Hash: SHA1
    - ------------------------------------------------------------------------
    Debian Security Advisory DSA-2128-1                  This email address is being protected from spambots. You need JavaScript enabled to view it.                        Giuseppe Iuculano
    December 01, 2010           
    - ------------------------------------------------------------------------
    Package        : libxml2
    Vulnerability  : invalid memory access
    Problem type   : local (remote)
    Debian-specific: no
    CVE ID         : CVE-2010-4008
    Bui Quang Minh discovered that libxml2, a library for parsing and
    handling XML data files, does not well process a malformed XPATH,
    causing crash and allowing arbitrary code execution.
    For the stable distribution (lenny), this problem has been fixed in
    version 2.6.32.dfsg-5+lenny2.
    For the testing (squeeze) and unstable (sid) distribution, this problem
    has been fixed in version 2.7.8.dfsg-1.
    We recommend that you upgrade your libxml2 package.
    Upgrade instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 5.0 alias lenny
    - --------------------------------
    Debian (stable)
    - ---------------
    Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
    Source archives:
        Size/MD5 checksum:  3425843 bb11c95674e775b791dab2d15e630fa4
        Size/MD5 checksum:     1985 e1a498ed2e38225c5d10aaf834d9e0b9
        Size/MD5 checksum:    83947 7af1ff46c9cacd57e7f977b295b39084
    Architecture independent packages:
        Size/MD5 checksum:  1307172 ceec72214783bdfc9d7643ea31a61d50
    alpha architecture (DEC Alpha)
        Size/MD5 checksum:   920664 429d086d4861511c6d9130bd7a165698
        Size/MD5 checksum:   856680 fccba5f6884b74e873730e3140e0bad5
        Size/MD5 checksum:   920616 33f850cafef51a45ef04714c9900e737
        Size/MD5 checksum:   292784 2f2ad873f9f50a0400960264ba823aec
        Size/MD5 checksum:    38026 e3f0bf3fe0f804bcd39df854e420cee6
    amd64 architecture (AMD x86_64 (AMD64))
        Size/MD5 checksum:   988474 ea406c325fe1d3cf8e80eed39ff61f7e
        Size/MD5 checksum:   295940 2a1754d35048a827dfeac4ee25f238d5
        Size/MD5 checksum:    37328 0b6af9c052e005c439658215027eeead
        Size/MD5 checksum:   774114 0c714b77c96e4d840048edbce00d959f
        Size/MD5 checksum:   860726 cf7d9638a12709f527898f9c91ec389d
    arm architecture (ARM)
        Size/MD5 checksum:   246210 484d790396e82318e4eb5e38903497d9
        Size/MD5 checksum:   898986 5cbab6f3b7fa8df4a406d03eaa5762a2
        Size/MD5 checksum:   685530 9b9ea967472806e4f4b0d713d7198706
        Size/MD5 checksum:   782546 1dec5ad219c1f69439936f172323b4d3
        Size/MD5 checksum:    35174 f15d1f05b68e8299b2084315feea6078
    armel architecture (ARM EABI)
        Size/MD5 checksum:   247756 4809a4f17729bfec952e25aeff5f612b
        Size/MD5 checksum:   906754 ee3e37855a6699771d3612180632a1df
        Size/MD5 checksum:   790732 0df793cc442fd5aff099c60852cfd031
        Size/MD5 checksum:    34258 95bb668363b085e6fea0848444ff0a42
        Size/MD5 checksum:   692210 acb1820adf968e8011d16b94cdc6d18c
    hppa architecture (HP PA RISC)
        Size/MD5 checksum:   867348 656a379b6cd2f3bc167c4c580f4f9588
        Size/MD5 checksum:   300124 646af54075ce65b1f318773e55f3b8ae
        Size/MD5 checksum:    36974 6595d5ef74d9710d4498159da8fe8879
        Size/MD5 checksum:   931526 94752ea0ec5e56c0ce2bfa6fd8ffc7c2
        Size/MD5 checksum:   889446 3342e94f7cb0f5c89f4a95969750d6fe
    i386 architecture (Intel ia32)
        Size/MD5 checksum:   264698 ce75352a38803aa7d94111c44ccc7a30
        Size/MD5 checksum:   945316 95cf7cbbb06087b7f18c52f897b4ba78
        Size/MD5 checksum:   814750 df1f647ba1306ce5138b50f06089d3db
        Size/MD5 checksum:   698690 4e54bd82a4b679478806da0e14212268
        Size/MD5 checksum:    33754 92c4c50e1a3f6160ab72316d1cf678ba
    ia64 architecture (Intel ia64)
        Size/MD5 checksum:    48096 df26f8dc1b4e78de97d22fb6f328844d
        Size/MD5 checksum:  1144394 8a3e9d36f7bcebc74fe83f2f602197c6
        Size/MD5 checksum:  1150678 6efac0dc67e48b20922bc321ad14b1ed
        Size/MD5 checksum:   926300 8381127e0f7f55f23a5a798ec6a043b5
        Size/MD5 checksum:   320066 c18be638d183a965bcff61cbef015b44
    mipsel architecture (MIPS (Little Endian))
        Size/MD5 checksum:   975846 27602acbf39c6086b0ccccc2a075888c
        Size/MD5 checksum:   809424 62a1a3153b1f2898bd36914b9d953a59
        Size/MD5 checksum:   821888 df10f6c3fa7dd05d6aeba73b8a82fe7a
        Size/MD5 checksum:    34188 489be157e2061a3e958a1c9693f6fb07
        Size/MD5 checksum:   252622 ffe51c47bcaa9883addae4da42850e8a
    powerpc architecture (PowerPC)
        Size/MD5 checksum:   950566 3ad6dc272c21e8f849fb06cca054dcd6
        Size/MD5 checksum:    42054 1b29e288243c30441833b359a36cd09f
        Size/MD5 checksum:   834730 e79241dec4e3e7328e305a8fb0505d18
        Size/MD5 checksum:   285718 df9b1705a6faea8bd1a3f0db9464f4c1
        Size/MD5 checksum:   789938 1831f4e506ea36d5d6dbf4af3864835e
    s390 architecture (IBM S/390)
        Size/MD5 checksum:    38078 b238d71479ae8c7dfdce22b7b96e96f6
        Size/MD5 checksum:   297668 87fc74097472950250bdef49cfc1401d
        Size/MD5 checksum:   854128 bba7607e556f4d03578a6fd7b206c542
        Size/MD5 checksum:   762632 aaf2e13c002c2128fd8f06b49e8b0079
        Size/MD5 checksum:   968000 20682a3eddbc11161cabe014eb67cc2f
    sparc architecture (Sun SPARC/UltraSPARC)
        Size/MD5 checksum:    36538 c94d075d63dfa8c35cdca960d12e1ba7
        Size/MD5 checksum:   845248 9b9da876e13164f4346e7efcf9b94a96
        Size/MD5 checksum:   279186 1f5a7299a4c7fbf27d73d017909679e9
        Size/MD5 checksum:   727602 b1b0633a4bdb40f1e0a341a1b86c812c
        Size/MD5 checksum:   803608 8a339109db809222dd0dd9e795062fa2
      These files will probably be moved into the stable distribution on
      its next update.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and


    LinuxSecurity Poll

    Which aspect of server security are you most interested in learning more about?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"131","title":"Preventing information leakage","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"132","title":"Firewall considerations","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"133","title":"Permissions ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.