Synopsis: Moderate: libxml2 security update Issue Date: 2013-02-28 CVE Numbers: CVE-2013-0338 -- A denial of service flaw was found in the way libxml2 performed string substitutions when entity values for entity references replacement was enabled. A remote attacker could provide a specially-crafted XML file that, when processed by an application linked against libxml2, would lead to excessive CPU consumption. (CVE-2013-0338) The desktop must be restarted (log out, then log back in) for this update to take effect. -- SL5 x86_64 libxml2-2.6.26-2.1.21.el5_9.1.i386.rpm libxml2-2.6.26-2.1.21.el5_9.1.x86_64.rpm libxml2-debuginfo-2.6.26-2.1.21.el5_9.1.i386.rpm libxml2-debuginfo-2.6.26-2.1.21.el5_9.1.x86_64.rpm libxml2-python-2.6.26-2.1.21.el5_9.1.x86_64.rpm libxml2-devel-2.6.26-2.1.21.el5_9.1.i386.rpm libxml2-devel-2.6.26-2.1.21.el5_9.1.x86_64.rpm i386 libxml2-2.6.26-2.1.21.el5_9.1.i386.rpm libxml2-debuginfo-2.6.26-2.1.21.el5_9.1.i386.rpm libxml2-python-2.6.26-2.1.21.el5_9.1.i386.rpm libxml2-devel-2.6.26-2.1.21.el5_9.1.i386.rpm SL6 x86_64 libxml2-2.7.6-12.el6_4.1.i686.rpm libxml2-2.7.6-12.el6_4.1.x86_64.rpm libxml2-debuginfo-2.7.6-12.el6_4.1.i686.rpm libxml2-debuginfo-2.7.6-12.el6_4.1.x86_64.rpm libxml2-python-2.7.6-12.el6_4.1.x86_64.rpm libxml2-devel-2.7.6-12.el6_4.1.i686.rpm libxml2-devel-2.7.6-12.el6_4.1.x86_64.rpm libxml2-static-2.7.6-12.el6_4.1.x86_64.rpm i386 libxml2-2.7.6-12.el6_4.1.i686.rpm libxml2-debuginfo-2.7.6-12.el6_4.1.i686.rpm libxml2-python-2.7.6-12.el6_4.1.i686.rpm libxml2-devel-2.7.6-12.el6_4.1.i686.rpm libxml2-static-2.7.6-12.el6_4.1.i686.rpm - Scientific Linux Development Team