Advisories » MGASA-2013-0218

Updated libxml2 packages fix CVE-2013-2877

Publication date: 21 Jul 2013
Modification date: 21 Jul 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-2877

Description

It was discovered that libxml2 incorrectly handled documents that end
abruptly. If a user or automated system were tricked into opening a
specially crafted document, an attacker could possibly cause libxml2 to
crash, resulting in a denial of service (CVE-2013-2877).
                

References

• http://www.ubuntu.com/usn/usn-1904-1/
• https://bugs.mageia.org/show_bug.cgi?id=10774
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877

SRPMS

2/core

• libxml2-2.7.8-14.20120229.8.mga2

3/core

• libxml2-2.9.0-5.2.mga3