On Thu, Nov 20, 2008 at 05:06:35AM -0800, f rom wrote: > Which version of libxml2 do I need to download that solves : CVE-2008-4226 > and CVE-2008-4225. > > This update fixes an integer overflow in libxml2 that could lead to > memory corruption and arbitrary code execution. (CVE-2008-4226) > Thanks to: Drew Yao of Apple Product Security
SVN head, there have been no release with the fix yet, You should be able to grab the snapshot if you really want a tarball. Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ [EMAIL PROTECTED] | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ _______________________________________________ xml mailing list, project page http://xmlsoft.org/ [email protected] http://mail.gnome.org/mailman/listinfo/xml
