Source: libxml2 Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for libxml2.
CVE-2012-0841[0]: | Juraj Somorovsky reported that certain XML parsers/servers are affected by the | same, or similar, flaw as the hash table collisions CPU usage denial of | service. Sending a specially crafted message to an XML service can result in | longer processing time, which could lead to a denial of service. It is | reported that this attack on XML can be applied on different XML nodes (such as | entities, element attributes, namespaces, various elements in the XML security, | etc.). If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. Patch: http://git.gnome.org/browse/libxml2/commit/?id=8973d58b7498fa5100a876815476b81fd1a2412a For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841 http://security-tracker.debian.org/tracker/CVE-2012-0841 -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0AAAA For security reasons, all text in this mail is double-rot13 encrypted.
pgpsXzXVwN5X1.pgp
Description: PGP signature
