[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 503-1] libxml2 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libxml2
Version        : 2.8.0+dfsg1-7+wheezy6
CVE ID         : CVE-2015-8806 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834
                 CVE-2016-1835 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839
                 CVE-2016-1840 CVE-2016-2073 CVE-2016-3627 CVE-2016-3705
                 CVE-2016-4447 CVE-2016-4449 CVE-2016-4483
Debian Bug     : 812807 813613 819006 823405 823414

Several vulnerabilities were discovered in libxml2, a library providing
support to read, modify and write XML and HTML files. A remote attacker
could provide a specially crafted XML or HTML file that, when processed
by an application using libxml2, would cause a denial-of-service against
the application, or potentially the execution of arbitrary code with the
privileges of the user running the application.

For Debian 7 "Wheezy", these problems have been fixed in version
2.8.0+dfsg1-7+wheezy6.

We recommend that you upgrade your libxml2 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJXUdVYAAoJEAVMuPMTQ89Er9gP/2GENNXbt0PrP0rVJoyE0Ntt
NNIHHe7JicJDFFqY/P7qMKj9zmNZMOCpdLOzkj06OHf0c67psacNvqN+Y+3THVfF
KBTg5v9/Fx/UeqDCs2wRa2nC7mHtvVV80ZGlm9dFV1ufsyxW04mMq1d3OI6wHrzR
ZPHXb3ASGluDnsNbfxjyM0+93qeuWFToEDa4w3p4Z/L+C3FOhckUzt30XaGG48HW
MUeq/4GDq1e+rVhqWuhTNa/Zb2yjMNAKj4cShU3DzwLPA0WbUCMv9VxYBm5NkbyC
eTiBL44k+Tqrbq/ilmmi7l3cNdda2oM/dUHzHdh5qbC2os+QMcP6nsF8BmkldJ8L
au/GetZN1T8WR3xpjHuxv5KVw8I33kFx9EDpAOp/JoG1d39dJj9cgQMBIi1h+hG5
hj/jXZ9iatVTNXfCpQ2fw7FZzK8aAtV8oY05QddPU9XSThz803xa3NbJduVVMgPY
CfUxGxWzxIB+MPxZ6dmg7PkMoQ4KFZOBKjqwcaxc13QEmAr0Ke2DPqa+U6Rd9zNS
CZ/64PeFkSY62QdQ65pDZZNXbChV+I31yWYeWAtOwJbG4rUJmv08xdr0kTXi+iaj
arLXsR0obaqoLcyxNyGpd3Bh/1FvPAwVzrueAgypaKWOCv8STfbd9Yfb78KBSt/a
VRA2tIjSglUuQx/rVqHz
=J25W
-----END PGP SIGNATURE-----


Reply to: