libxml2 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1350741234
업데이트 : 2012.10.20
상세내용
- fix an XML namespace handling problem in XML parser
- security fix
. CVE-2011-3919
Heap-based buffer overflow in libxml2, as used in Google Chrome
before 16.0.912.75, allows remote attackers to cause a denial
of service or possibly have unspecified other impact via unknown
vectors.
. CVE-2011-3905
libxml2, as used in Google Chrome before 16.0.912.63, allows
remote attackers to cause a denial of service (out-of-bounds
read) via unspecified vectors.
. CVE-2011-2834
Double free vulnerability in libxml2, as used in Google Chrome
before 14.0.835.163, allows remote attackers to cause a denial
of service or possibly have unspecified other impact via vectors
related to XPath handling.
. CVE-2011-0216
Off-by-one error in libxml in Apple Safari before 5.0.6 allows
remote attackers to execute arbitrary code or cause a denial of
service (heap-based buffer overflow and application crash) via
a crafted web site.
Autoupdates 지원 : 지원
pkgsysupdate
pkgadd -F libxml2-phtyon
update 패키지
RPMS :
. libxml2-2.6.16-12.el4.9.i686.rpm
. libxml2-devel-2.6.16-12.el4.9.i686.rpm
. libxml2-python-2.6.16-12.el4.9.i686.rpm
SRPMS :
. libxml2-2.6.16-12.el4.9.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3905
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0216
|