Bug#460292: libxml2: libxml2 UTF-8 parsing denial of service vulnerability

2008-01-13 Thread Nico Golde
tags 460292 + security
severity 460292 grave
retitle 460292 libxml2: CVE-2007-6284 denial of service via crafted UTF-8 sequence
thanks
Hi Pascal,
* Pascal Volk <[EMAIL PROTECTED]> [2008-01-13 14:33]:
> On 12.01.2008 04:31 Nico Golde wrote:
> >
> > Is there any service using libxml2? If not I w

Bug#460292: libxml2: libxml2 UTF-8 parsing denial of service vulnerability

2008-01-13 Thread Pascal Volk
On 12.01.2008 04:31 Nico Golde wrote:
>
> Is there any service using libxml2? If not I would consider
> this a normal bug rather than a security issue.
There are services that use libxml2 indirectly. For example apache2 with libapache2-mod-php5, php5-cgi (with php5-xsl and/or php5-xmlrpc), li

Bug#460292: libxml2: libxml2 UTF-8 parsing denial of service vulnerability

2008-01-11 Thread Nico Golde
Hi,
* Pascal Volk <[EMAIL PROTECTED]> [2008-01-12 04:04]:
> Package: libxml2
> Version: 2.6.30.dfsg-3
> Severity: normal
>
> A vulnerability has been reported in libxml2, prior to version 2.6.31, from
> Daniel Veillard:
> "Two specially crafted broken UTF-8 sequences when occurring at the wrong
> p

Bug#460292: libxml2: libxml2 UTF-8 parsing denial of service vulnerability

2008-01-11 Thread Pascal Volk
Package: libxml2
Version: 2.6.30.dfsg-3
Severity: normal
A vulnerability has been reported in libxml2, prior to version 2.6.31, from Daniel Veillard: "Two specially crafted broken UTF-8 sequences when occurring at the wrong place lead the parser to go into an infinite loop." The report is available