Búsqueda de    
Vulnerabilidad   
    Buscar 172616 Descripciones CVE y
81291 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1654-1                  security@debian.org
http://www.debian.org/security/                               Steve Kemp
October 14, 2008                      http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : libxml2
Vulnerability  : buffer overflow
Problem type   : local
Debian-specific: no
CVE Id(s)      : CVE-2008-3529
Debian Bug     : 498768

It was discovered that libxml2, the GNOME XML library, didn't correctly
handle long entity names.  This could allow the execution of arbitrary
code via a malicious XML file.

For the stable distribution (etch), this problem has been fixed in version
2.6.27.dfsg-5.

For the unstable distribution (sid), this problem has been fixed in
version 2.6.32.dfsg-4.

We recommend that you upgrade your libxml2 package.


Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Source archives:

  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5.diff.gz
    Size/MD5 checksum:   220443 48cafbb8d1bd2c6093339fea3f14e4a0
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg.orig.tar.gz
    Size/MD5 checksum:  3416175 5ff71b22f6253a6dd9afc1c34778dec3
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5.dsc
    Size/MD5 checksum:      893 0dc1f183dd20741e5b4e26a7f8e1c652

Architecture independent packages:

  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-doc_2.6.27.dfsg-5_all.deb
    Size/MD5 checksum:  1328144 c1c5f0ceb391893a94e61c074b677ee9

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_alpha.deb
    Size/MD5 checksum:   820850 fac5556241bb0fde20913f25fb9c73ac
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_alpha.deb
    Size/MD5 checksum:    37980 725b1c6925e610b5843ba0ad554dc7bc
  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_alpha.deb
    Size/MD5 checksum:   184754 5ccbaf07b44dcfe528167074050bf270
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_alpha.deb
    Size/MD5 checksum:   916830 17d71480b7e2a447dabde99c11d752fa
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_alpha.deb
    Size/MD5 checksum:   881834 cac19a28b37f7afb9e07966f44ddd5b2

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_amd64.deb
    Size/MD5 checksum:   184130 a13372752d162d0fb2ccd58da6b73e20
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_amd64.deb
    Size/MD5 checksum:    36684 8a0265229bebf9245dc7bb7cc6f41d36
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_amd64.deb
    Size/MD5 checksum:   796194 6019e59020269cca8fa8fea40f83c118
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_amd64.deb
    Size/MD5 checksum:   891922 606fc28448bead2709c39a1d3e529a25
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_amd64.deb
    Size/MD5 checksum:   745758 95bd39eb2818772c43c3351b22326fcd

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_arm.deb
    Size/MD5 checksum:   741876 1b670c6bac3aa9f7df28f7ea3f1e5725
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_arm.deb
    Size/MD5 checksum:    34678 9a992dc251b137a919a813eed2af8489
  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_arm.deb
    Size/MD5 checksum:   165290 732b4e94b91a086c6b950d187af160bc
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_arm.deb
    Size/MD5 checksum:   817514 299c93a812ac02a8aa9da88f4cb5aedf
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_arm.deb
    Size/MD5 checksum:   673192 d2ff2c26ee8dae05f81c24aa6dfce9b5

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_hppa.deb
    Size/MD5 checksum:   191876 4d2e33090237b47bc10e9526329f0bc5
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_hppa.deb
    Size/MD5 checksum:    36708 0ebf8554c5a0e873b128d52ceafccdfd
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_hppa.deb
    Size/MD5 checksum:   850210 bde343770ac9a7bd458e68a60c2b8434
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_hppa.deb
    Size/MD5 checksum:   858660 88f67d0d2aff41333ca2f4d4b2d6b5b2
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_hppa.deb
    Size/MD5 checksum:   864474 489dbd9d677c274c07abb88d0f23b969

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_i386.deb
    Size/MD5 checksum:   755986 9fdf341ede17d7790202229db9cc1353
  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_i386.deb
    Size/MD5 checksum:   169032 272c6be290817bf9cb8b401425fd83d5
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_i386.deb
    Size/MD5 checksum:   681472 d8a0611d638e0553da64a218fbcf291a
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_i386.deb
    Size/MD5 checksum:   857318 6946048170dd7d142c03c13794c30d6f
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_i386.deb
    Size/MD5 checksum:    34496 3e3674a714f780024630ad1a2ca46eab

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_ia64.deb
    Size/MD5 checksum:  1106480 03e08564e2bf843905daecdd7c5cc4c4
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_ia64.deb
    Size/MD5 checksum:   874222 ed9ab6fa068a5b07c22ec1c10db8e0ab
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_ia64.deb
    Size/MD5 checksum:  1080186 defc5f4f9eb80872a793cc025e33a111
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_ia64.deb
    Size/MD5 checksum:    48492 5a567323dc0bf8159a6eae87957266d5
  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_ia64.deb
    Size/MD5 checksum:   196536 cdbb137c8bb31cf29114673c4cb28e67

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_mips.deb
    Size/MD5 checksum:    34418 4a05346cb2fc6c314e7e8aef21662469
  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_mips.deb
    Size/MD5 checksum:   171678 c94bfffc6bde639623ce9a91028960e5
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_mips.deb
    Size/MD5 checksum:   926922 ddc8ff03120dd78869830d38a5e8708d
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_mips.deb
    Size/MD5 checksum:   840642 57f2ea24a31904c4b07531f6292a4a8e
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_mips.deb
    Size/MD5 checksum:   770246 20ba2586e1406d66bd34642f13265dcf

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_mipsel.deb
    Size/MD5 checksum:    34398 9f0ebfb1dc37496e6b7a4e9963ffaeff
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_mipsel.deb
    Size/MD5 checksum:   898346 29680d5d5baa66e251e71f55aa128e3c
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_mipsel.deb
    Size/MD5 checksum:   768976 8f6464a0ef61b3ddcd271652a01c7469
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_mipsel.deb
    Size/MD5 checksum:   833252 5c83c05d44526479e7c550fd0d8cbdbe
  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_mipsel.deb
    Size/MD5 checksum:   168690 eb56cb1ea49795d0a5a18af468625941

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_powerpc.deb
    Size/MD5 checksum:   898010 c3d61392afcb383d0f27d5f91fda721d
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_powerpc.deb
    Size/MD5 checksum:   770994 94ef895f8942b880e8823e10420120e6
  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_powerpc.deb
    Size/MD5 checksum:   172726 5d097f0290be2bab9b93287bad07e83f
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_powerpc.deb
    Size/MD5 checksum:    37660 e977bc38e837077de7a006ef923b98bd
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_powerpc.deb
    Size/MD5 checksum:   779958 ad7245f8a9980d7f40234aefaf12a31b

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_s390.deb
    Size/MD5 checksum:   185726 91661276ed6cf371373b4e61805c81b8
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_s390.deb
    Size/MD5 checksum:   885618 218f2603ab94bf92ba45cd330fe15782
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_s390.deb
    Size/MD5 checksum:   806024 3abe21a0d756e5a0a2ca646f0ba32729
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_s390.deb
    Size/MD5 checksum:    36378 cbc5eb7e2f81adafeba8e857aee8c918
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_s390.deb
    Size/MD5 checksum:   750190 4172cb95d7aea2f9ee9331220cd5274c

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-5_sparc.deb
    Size/MD5 checksum:   781522 c20ea9c8ab0ec798488e68c845650036
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-5_sparc.deb
    Size/MD5 checksum:   713144 e0139b86fbf9644678c2c6de6462bff1
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-5_sparc.deb
    Size/MD5 checksum:   759568 7d46f7ceb214711851cc1f27edef2c48
  http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-5_sparc.deb
    Size/MD5 checksum:    34580 fceb65808b2c98f621d79352eea9d2d5
  http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-5_sparc.deb
    Size/MD5 checksum:   176874 f27821fe07861f2e71658bc3eb0a595e


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD4DBQFI9N2RwM/Gs81MDZ0RAqP7AJYxbWnJqF4zauFOietE80FTYW02AKDCOBt2
wvZ3MJ4FZeRn990jpLrh1A==
=FZQi
-----END PGP SIGNATURE-----




© 1998-2020 E-Soft Inc. Todos los derechos reservados.