This bug was fixed in the package libxml - 1:1.8.17-14.1ubuntu0.1
---------------
libxml (1:1.8.17-14.1ubuntu0.1) hardy-security; urgency=low
* SECURITY UPDATE: Fix parsing issues (LP: #604768)
- modified parser.c: Fix multiple use-after-free flaws when parsing notation
and
enumeration attribute types, and fix stack overflow when parsing root XML
document element DTD definition. Patch provided by Debian in Etch.
- CVE-2009-2416
- CVE-2009-2414
-- Brian Thomason <[email protected]> Mon, 12 Jul 2010 15:26:51
-0400
** Changed in: libxml (Ubuntu Hardy)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-2414
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-2416
--
[SECURITY] libxml stack overflow issues
https://bugs.launchpad.net/bugs/604768
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
