Ubuntu alert USN-2214-1 (libxml2)
| From: | Marc Deslauriers <marc.deslauriers@canonical.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-2214-1] libxml2 vulnerability | |
| Date: | Thu, 15 May 2014 14:01:22 -0400 | |
| Message-ID: | <537500F2.2050509@canonical.com> |
========================================================================== Ubuntu Security Notice USN-2214-1 May 15, 2014 libxml2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS - Ubuntu 13.10 - Ubuntu 12.10 - Ubuntu 12.04 LTS - Ubuntu 10.04 LTS Summary: libxml2 could be made to consume resources if it processed a specially crafted file. Software Description: - libxml2: GNOME XML library Details: Daniel Berrange discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: libxml2 2.9.1+dfsg1-3ubuntu4.1 Ubuntu 13.10: libxml2 2.9.1+dfsg1-3ubuntu2.1 Ubuntu 12.10: libxml2 2.8.0+dfsg1-5ubuntu2.5 Ubuntu 12.04 LTS: libxml2 2.7.8.dfsg-5.1ubuntu4.7 Ubuntu 10.04 LTS: libxml2 2.7.6.dfsg-1ubuntu1.11 After a standard system update you need to reboot your computer to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2214-1 CVE-2014-0191 Package Information: https://launchpad.net/ubuntu/+source/libxml2/2.9.1+dfsg1-... https://launchpad.net/ubuntu/+source/libxml2/2.9.1+dfsg1-... https://launchpad.net/ubuntu/+source/libxml2/2.8.0+dfsg1-... https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-5... https://launchpad.net/ubuntu/+source/libxml2/2.7.6.dfsg-1... -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security...