 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Wed, 22 Oct 2014 17:04:56 +0000 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Synopsis: Moderate: libxml2 security update
Advisory ID: SLSA-2014:1655-1
Issue Date: 2014-10-16
CVE Numbers: CVE-2014-3660
--
A denial of service flaw was found in libxml2, a library providing support
to read, modify and write XML and HTML files. A remote attacker could
provide a specially crafted XML file that, when processed by an
application using libxml2, would lead to excessive CPU consumption (denial
of service) based on excessive entity substitutions, even if entity
substitution was disabled, which is the parser default behavior.
(CVE-2014-3660)
The desktop must be restarted (log out, then log back in) for this update
to take effect.
--
SL6
x86_64
libxml2-2.7.6-17.el6_6.1.i686.rpm
libxml2-2.7.6-17.el6_6.1.x86_64.rpm
libxml2-debuginfo-2.7.6-17.el6_6.1.i686.rpm
libxml2-debuginfo-2.7.6-17.el6_6.1.x86_64.rpm
libxml2-python-2.7.6-17.el6_6.1.x86_64.rpm
libxml2-devel-2.7.6-17.el6_6.1.i686.rpm
libxml2-devel-2.7.6-17.el6_6.1.x86_64.rpm
libxml2-static-2.7.6-17.el6_6.1.x86_64.rpm
i386
libxml2-2.7.6-17.el6_6.1.i686.rpm
libxml2-debuginfo-2.7.6-17.el6_6.1.i686.rpm
libxml2-python-2.7.6-17.el6_6.1.i686.rpm
libxml2-devel-2.7.6-17.el6_6.1.i686.rpm
libxml2-static-2.7.6-17.el6_6.1.i686.rpm
SL7
x86_64
libxml2-2.9.1-5.el7_0.1.i686.rpm
libxml2-2.9.1-5.el7_0.1.x86_64.rpm
libxml2-debuginfo-2.9.1-5.el7_0.1.i686.rpm
libxml2-debuginfo-2.9.1-5.el7_0.1.x86_64.rpm
libxml2-python-2.9.1-5.el7_0.1.x86_64.rpm
libxml2-devel-2.9.1-5.el7_0.1.i686.rpm
libxml2-devel-2.9.1-5.el7_0.1.x86_64.rpm
libxml2-static-2.9.1-5.el7_0.1.i686.rpm
libxml2-static-2.9.1-5.el7_0.1.x86_64.rpm
- Scientific Linux Development Team
|
|
|
