📚 USN-2834-1: libxml2 vulnerabilities

🕛 Zeit seit Veröffentlichung: 739379 Tage, 15 Stunden 1 Minuten
📆 Veröffentlicht am: 00.00.0000 um 00:00 Uhr
💡 Newskategorie: Unix Server
🔗 Quelle: ubuntu.com

Ubuntu Security Notice USN-2834-1

14th December, 2015

libxml2 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 15.10
Ubuntu 15.04
Ubuntu 14.04 LTS
Ubuntu 12.04 LTS

Summary

libxml2 could be made to crash if it opened a specially crafted file.

Software description

libxml2 - GNOME XML library

Details

Kostya Serebryany discovered that libxml2 incorrectly handled certain
malformed documents. If a user or automated system were tricked into
opening a specially crafted document, an attacker could possibly cause
libxml2 to crash, resulting in a denial of service. (CVE-2015-5312,
CVE-2015-7497, CVE-2015-7498, CVE-2015-7499,CVE-2015-7500)

Hugh Davenport discovered that libxml2 incorrectly handled certain
malformed documents. If a user or automated system were tricked into
opening a specially crafted document, an attacker could possibly cause
libxml2 to crash, resulting in a denial of service. (CVE-2015-8241,
CVE-2015-8242)

Hanno Boeck discovered that libxml2 incorrectly handled certain
malformed documents. If a user or automated system were tricked into
opening a specially crafted document, an attacker could possibly cause
libxml2 to crash, resulting in a denial of service. This issue only applied
to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-8317)