Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Errata Announcements for Oracle Linux <el-errata <at> oss.oracle.com>
Subject: ELSA-2013-0581 Moderate: Oracle Linux 5 libxml2 security update
Newsgroups: gmane.linux.oracle.el-errata
Date: Friday 1st March 2013 14:42:55 UTC (over 3 years ago)
Oracle Linux Security Advisory ELSA-2013-0581

https://rhn.redhat.com/errata/RHSA-2013-0581.html

The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

i386:
libxml2-2.6.26-2.1.21.0.1.el5_9.1.i386.rpm
libxml2-devel-2.6.26-2.1.21.0.1.el5_9.1.i386.rpm
libxml2-python-2.6.26-2.1.21.0.1.el5_9.1.i386.rpm

x86_64:
libxml2-2.6.26-2.1.21.0.1.el5_9.1.i386.rpm
libxml2-2.6.26-2.1.21.0.1.el5_9.1.x86_64.rpm
libxml2-devel-2.6.26-2.1.21.0.1.el5_9.1.i386.rpm
libxml2-devel-2.6.26-2.1.21.0.1.el5_9.1.x86_64.rpm
libxml2-python-2.6.26-2.1.21.0.1.el5_9.1.x86_64.rpm

ia64:
libxml2-2.6.26-2.1.21.0.1.el5_9.1.i386.rpm
libxml2-2.6.26-2.1.21.0.1.el5_9.1.ia64.rpm
libxml2-devel-2.6.26-2.1.21.0.1.el5_9.1.ia64.rpm
libxml2-python-2.6.26-2.1.21.0.1.el5_9.1.ia64.rpm


SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/libxml2-2.6.26-2.1.21.0.1.el5_9.1.src.rpm



Description of changes:

[2.6.26-2.1.21.0.1.el5_9.1]
- Add libxml2-enterprise.patch
- Replaced docs/redhat.gif in tarball with updated image

[2.6.26-2.1.21.el5_9.1]
- detect and stop excessive entities expansion upon replacement 
(rhbz#912572)

[2.6.26-2.1.21.el5]
- fix out of range heap access (CVE-2012-5134)

[2.6.26-2.1.20.el5]
- Implement some default limits in the XPath module (CVE-2011-1944)
- Change the XPath code to percolate allocation errors (CVE-2011-1944)

[2.6.26-2.1.19.el5]
- Fix an off by one pointer access (CVE-2011-3102)

[2.6.26-2.1.18.el5]
- Fix parser local buffers size problems (rhbz#843740)
- Fix entities local buffers size problems (rhbz#843740)
- Fix an error in previous commit (rhbz#843740)

[2.6.26-2.1.17.el5]
- fix previous build to force compilation of randomization code
- Resolves: rhbz#788844

[2.6.26-2.1.16.el5]
- adds randomization to hash and dict structures CVE-2012-0841
- Resolves: rhbz#788844
 
CD: 3ms