Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

Ubuntu 12.04 ESM USN-3504-2 Moderate: libxml2 Denial Of Service

Calendar Dec 05, 2017 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service Ubuntu moderate severity libxml2 crash
curl could be made to crash if it received specially crafted input. 
=========================================================================Ubuntu Security Notice USN-3504-2
December 05, 2017

libxml2 vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

curl could be made to crash if it received specially crafted
input.

Software Description:
- libxml2: GNOME XML library

Details:

USN-3504-1 fixed a vulnerability in libxml2. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 Wei Lei discovered that libxml2 incorrecty handled certain parameter
 entities. An attacker could use this issue with specially constructed
 XML data to cause libxml2 to consume resources, leading to a denial of
 service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  libxml2                         2.7.8.dfsg-5.1ubuntu4.19
  libxml2-utils                   2.7.8.dfsg-5.1ubuntu4.19
  python-libxml2                  2.7.8.dfsg-5.1ubuntu4.19

In general, a standard system update will make all the necessary
changes.

References:
  
  
  CVE-2017-16932

Ubuntu 12.04 ESM USN-3504-2 Moderate: libxml2 Denial Of Service

ubuntu
Calendar Grey December 5, 2017
Dist Ubuntu Esm H88
Investigate the libxml2 flaw in Ubuntu that may trigger a failure when processing carefully designed input.
curl could be made to crash if it received specially crafted input.

Summary

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu moderate severity libxml2 crash

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM:   libxml2                         2.7.8.dfsg-5.1ubuntu4.19   libxml2-utils                   2.7.8.dfsg-5.1ubuntu4.19   python-libxml2                  2.7.8.dfsg-5.1ubuntu4.19 In general, a standard system update will make all the necessary changes.

References

 

 

  CVE-2017-16932

December 05, 2017

Topics%20covered

Topics Covered

security advisory denial of service Ubuntu moderate severity libxml2 crash

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here