The libxml2 library is a development toolbox providing the implementation
of various XML standards.
A denial of service flaw was found in the way libxml2 performed string
substitutions when entity values for entity references replacement was
enabled. A remote attacker could provide a specially-crafted XML file that,
when processed by an application linked against libxml2, would lead to
excessive CPU consumption. (CVE-2013-0338)
All users of libxml2 are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. The desktop must
be restarted (log out, then log back in) for this update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 5 | x86_64 | libxml2 | < 2.6.26-2.1.21.el5_9.1 | libxml2-2.6.26-2.1.21.el5_9.1.x86_64.rpm |
RedHat | 5 | ppc | libxml2-devel | < 2.6.26-2.1.21.el5_9.1 | libxml2-devel-2.6.26-2.1.21.el5_9.1.ppc.rpm |
RedHat | 5 | s390x | libxml2-devel | < 2.6.26-2.1.21.el5_9.1 | libxml2-devel-2.6.26-2.1.21.el5_9.1.s390x.rpm |
RedHat | 6 | i686 | libxml2-debuginfo | < 2.7.6-12.el6_4.1 | libxml2-debuginfo-2.7.6-12.el6_4.1.i686.rpm |
RedHat | 6 | x86_64 | libxml2-python | < 2.7.6-12.el6_4.1 | libxml2-python-2.7.6-12.el6_4.1.x86_64.rpm |
RedHat | 5 | i386 | libxml2-devel | < 2.6.26-2.1.21.el5_9.1 | libxml2-devel-2.6.26-2.1.21.el5_9.1.i386.rpm |
RedHat | 5 | i386 | libxml2-python | < 2.6.26-2.1.21.el5_9.1 | libxml2-python-2.6.26-2.1.21.el5_9.1.i386.rpm |
RedHat | 6 | s390x | libxml2-devel | < 2.7.6-12.el6_4.1 | libxml2-devel-2.7.6-12.el6_4.1.s390x.rpm |
RedHat | 5 | ia64 | libxml2-devel | < 2.6.26-2.1.21.el5_9.1 | libxml2-devel-2.6.26-2.1.21.el5_9.1.ia64.rpm |
RedHat | 6 | x86_64 | libxml2 | < 2.7.6-12.el6_4.1 | libxml2-2.7.6-12.el6_4.1.x86_64.rpm |