[SECURITY] Fedora 7 Update: libxml2-2.6.31-1.fc7

updates at fedoraproject.org updates at fedoraproject.org
Fri Jan 11 22:13:53 UTC 2008


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-0477
2008-01-11 21:21:49
--------------------------------------------------------------------------------

Name        : libxml2
Product     : Fedora 7
Version     : 2.6.31
Release     : 1.fc7
URL         : http://xmlsoft.org/
Summary     : Library providing XML and HTML support
Description :
This library allows to manipulate XML files. It includes support
to read, modify and write XML and HTML files. There is DTDs support
this includes parsing and validation even with complex DtDs, either
at parse time or later once the document has been modified. The output
can be a simple SAX stream or and in-memory DOM like representations.
In this case one can use the built-in XPath and XPointer implementation
to select subnodes or ranges. A flexible Input/Output mechanism is
available, with existing HTTP and FTP modules and combined to an
URI library.

--------------------------------------------------------------------------------
Update Information:

This release fixes a potential Denial of Service attack
on services using libxml2 to parse user provided XML.
All users are invited to upgrade.
Fixes CVE-2007-6284
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jan 11 2008 Daniel Veillard <veillard at redhat.com> 2.6.31-1.f7
- upstream release 2.6.31 see http://xmlsoft.org/news.html
- many bug fixed upstream
* Tue Jun 12 2007 Daniel Veillard <veillard at redhat.com> 2.6.29-1.f7
- upstream release 2.6.29 see http://xmlsoft.org/news.html
- many bug fixed upstream
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #425927 - CVE-2007-6284 libxml2: infinite loop in UTF-8 decoding
        https://bugzilla.redhat.com/show_bug.cgi?id=425927
--------------------------------------------------------------------------------
Updated packages:

d9465595b4865fa5109cf1e56679050bb4e867c4 libxml2-debuginfo-2.6.31-1.fc7.ppc64.rpm
cf3134451d1fbcf5e7fe58a4b1435830f058fa07 libxml2-python-2.6.31-1.fc7.ppc64.rpm
b7d41b97ec2692485688c32f01f15da49cef44bd libxml2-devel-2.6.31-1.fc7.ppc64.rpm
86d74adf7c3130b58d13d21f1e1864e5c8fc888f libxml2-2.6.31-1.fc7.ppc64.rpm
fb9492389435fd667e7e9955100856f064e1e908 libxml2-debuginfo-2.6.31-1.fc7.i386.rpm
78f54bdad22cb0f8b647580a0e4757c29f340317 libxml2-python-2.6.31-1.fc7.i386.rpm
3990e9a012df128eec7d56868538d2c607f8c6e6 libxml2-devel-2.6.31-1.fc7.i386.rpm
aeed2d2d5a5daa84bce676b7dbd3ea545c88b5e1 libxml2-2.6.31-1.fc7.i386.rpm
6319d52cc9a04cd380e4b77a3bfdf5f0fb5ded99 libxml2-debuginfo-2.6.31-1.fc7.x86_64.rpm
246a96e4654d9ff64c236de225b53fcf73296ede libxml2-python-2.6.31-1.fc7.x86_64.rpm
8dcbf1fa1eb5e154bddca1583a7f0cb5dbe11fed libxml2-devel-2.6.31-1.fc7.x86_64.rpm
76dcbab6298d29fd8ac384b8bd55ceba89ce75b2 libxml2-2.6.31-1.fc7.x86_64.rpm
8bbdecad4989d856ce76ffd0cc3940eb6a7058ac libxml2-debuginfo-2.6.31-1.fc7.ppc.rpm
37a828af14cabacaa77a690a4032eb30b9445f10 libxml2-python-2.6.31-1.fc7.ppc.rpm
ec9714588eedd274713630d4feac5c157e79e25e libxml2-devel-2.6.31-1.fc7.ppc.rpm
e8d78709e46724424b76809e8e1e3c18d1f10f38 libxml2-2.6.31-1.fc7.ppc.rpm
e18fe16d58b0bef4e63a40cc4d68f12247797932 libxml2-2.6.31-1.fc7.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update libxml2' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------




More information about the Fedora-package-announce mailing list