libxml2-2.6.26-2.1.2.4.1AXS3
エラータID: AXSA:2008-89:02
リリース日:
2008/09/22 Monday - 12:53
題名:
libxml2-2.6.26-2.1.2.4.1AXS3
影響のあるチャネル:
Asianux Server 3 for ppc
Asianux Server 3 for ia64
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
libxml2 には、属性値のエンティティ拡張の際、再帰呼び出しの検出処理に不備があり、サービス運用妨害 (DoS) 状態の脆弱性が存在します。(CVE-2008-3281)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください
CVE:
CVE-2008-3281
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.
追加情報:
N/A
ダウンロード:
Asianux Server 3 for x86
- libxml2-2.6.26-2.1.2.4.1AXS3.i386.rpm
MD5: 722b515d99fc782f072ff327dc7965af
SHA-256: 6117c57429c38532e21f4311fe77b180c7d53daa17db14e6645215f7000a4fe4
Size: 797.58 kB - libxml2-devel-2.6.26-2.1.2.4.1AXS3.i386.rpm
MD5: 363cba8b429181f3690b7357568f1479
SHA-256: 0e27b75e69f62f6d3a1827cb519d6db8de00329b6c18311a10a3d0d692291e6e
Size: 2.13 MB - libxml2-python-2.6.26-2.1.2.4.1AXS3.i386.rpm
MD5: 7d4b20530c5f9fd706c64de3f16348b7
SHA-256: 44638e9f4ca63feb1ac4181a50969706924f2e1ca9b9360a1cb085b15a3947ea
Size: 698.85 kB
Asianux Server 3 for x86_64
- libxml2-2.6.26-2.1.2.4.1AXS3.x86_64.rpm
MD5: a78b913b2de279539d4feb0c4d14c625
SHA-256: a5de95c04dab2d2ae8d3abb4be33fd6abe6a3d54d2ee09d07635175c6ab5449f
Size: 812.82 kB - libxml2-devel-2.6.26-2.1.2.4.1AXS3.x86_64.rpm
MD5: dec1255c2e7ffc16a4d7a01149c6c83d
SHA-256: 6a4e4dc8b7996ee4df3378dd30b145705cbc1816750030f22d0a86eecea18e6c
Size: 2.17 MB - libxml2-python-2.6.26-2.1.2.4.1AXS3.x86_64.rpm
MD5: c6ab3079e567acbf95f351ea0bf20cb9
SHA-256: 0517740a5052320b73652ce34b79b0f8f31d2772b6118aec80e2739a129df5b4
Size: 708.60 kB