Introduced by: https://git.gnome.org/browse/libxml2/commit/?id=8973d58b7498fa5100a876815476b81fd1a2412a
Fixed by: https://git.gnome.org/browse/libxml2/commit/dict.c?id=379ebc1d774865fa92f2a8d80cc4da65cbe19998
          https://git.gnome.org/browse/libxml2/commit/dict.c?id=e7715a5963afebfb027120db6914926ec9a7373d

** Also affects: libxml2 (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: libxml2 (Ubuntu Lucid)
   Importance: Undecided
       Status: New

** Also affects: libxml2 (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Changed in: libxml2 (Ubuntu Trusty)
       Status: New => Fix Released

** Changed in: libxml2 (Ubuntu)
       Status: Triaged => Fix Released

** Changed in: libxml2 (Ubuntu Lucid)
       Status: New => Confirmed

** Changed in: libxml2 (Ubuntu Precise)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libxml2 in Ubuntu.
https://bugs.launchpad.net/bugs/983810

Title:
  libxml2 security update fails to address problem and breaks thread-safety

Status in libxml2:
  New
Status in “libxml2” package in Ubuntu:
  Fix Released
Status in “libxml2” source package in Lucid:
  Confirmed
Status in “libxml2” source package in Precise:
  Confirmed
Status in “libxml2” source package in Trusty:
  Fix Released
Status in “libxml2” package in Debian:
  New

Bug description:
  Using libxml2 2.7.8.dfsg-4ubuntu0.2 from (K)Ubuntu 11.10.

  In an attempt to address oCERT 2011-003, libxml2 now seeds its hash table using rand(). This is broken and lame:

  Firstly, srand() and rand() are not thread-safe, even though libxml2 is supposed to be thread-safe (when adequately initialized by the program). The fix is easy: replace srand() with a variable assignment, and replace rand() with rand_r().

  Secondly, using time(NULL) as a seed totally misses the point. It is trivial for a potential attacker to guess the value of time(NULL). That's the current UTC time rounded to the second.
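An added illustration in C of the two points in the report; it is neither libxml2's code nor the reporter's patch. It places the clock-seeded srand()/rand() scheme next to a per-dictionary seed read from /dev/urandom, with rand_r() on caller-owned state as the reporter proposes; the dict struct and every function name here are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L /* declares rand_r() */
#include <stdlib.h>
#include <fcntl.h>
#include <unistd.h>

/* As reported: process-wide srand()/rand() state seeded from the clock.
 * Not thread-safe, and the result is a pure function of the second. */
static unsigned weak_dict_seed(unsigned now)
{
    srand(now);
    return (unsigned)rand();
}

/* Hardened seed: 32 bits from the kernel CSPRNG. Returns 1 on success. */
static int strong_dict_seed(unsigned *seed)
{
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0) return 0;
    ssize_t n = read(fd, seed, sizeof *seed);
    close(fd);
    return n == (ssize_t)sizeof *seed;
}

/* Hypothetical per-dictionary state: seed and PRNG state live in the dict. */
struct dict {
    unsigned seed;       /* key for the string hash */
    unsigned prng_state; /* caller-owned state for rand_r() */
};
static int dict_init(struct dict *d)
{
    if (!strong_dict_seed(&d->seed)) return 0;
    d->prng_state = d->seed;
    return 1;
}

/* The reporter's thread-safety fix: rand_r() only touches the state it is
 * handed, so threads working on different dicts share no PRNG state. */
static unsigned dict_next_random(struct dict *d)
{
    return (unsigned)rand_r(&d->prng_state);
}

/* Seeded FNV-1a style hash: bucket positions depend on the secret seed. */
static unsigned dict_hash(const struct dict *d, const char *name)
{
    unsigned h = 2166136261u ^ d->seed;
    for (; *name; name++)
        h = (h ^ (unsigned char)*name) * 16777619u;
    return h;
}
```

Calling weak_dict_seed() twice with the same second returns the same value, which is exactly why a clock seed gives an observer nothing to guess; two dicts initialised with dict_init() get independent seeds and independent rand_r() streams.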