Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 351954

Summary: dev-libs/libxml2 CVE-2010-4494 remote xpath vulnerability
Product: Gentoo Security Reporter: Sylvia <fierevere>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: critical    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://secunia.com/advisories/42721/
Whiteboard:
Package list:
Runtime testing required: ---

Description Sylvia 2011-01-17 23:45:27 UTC 
A vulnerability has been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
------
adv on secunia.com - http://secunia.com/advisories/42721/
debian security - http://www.debian.org/security/2010/dsa-2137
MITRE - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494
debian bugzilla - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607922


Patches available:
http://git.gnome.org/browse/libxml2/commit/?id=df83c17e5a2646bd923f75e5e507bc80d73c9722

http://git.gnome.org/browse/libxml2/commit/?id=fec31bcd452e77c10579467ca87a785b41115de6
Comment 1 Sylvia 2011-01-17 23:54:55 UTC 
reported here as well - http://bugs.gentoo.org/show_bug.cgi?id=345555#c3
can be somewhat duplicate of bug #345555
Comment 2 Alex Legler (RETIRED) archtester gentoo-dev Security 2011-01-17 23:57:08 UTC 

*** This bug has been marked as a duplicate of bug 345555 ***