Test Kennung:	1.3.6.1.4.1.25623.1.0.122794
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2015-2550)
Zusammenfassung:	The remote host is missing an update for the 'libxml2' package(s) announced via the ELSA-2015-2550 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'libxml2' package(s) announced via the ELSA-2015-2550 advisory. Vulnerability Insight: [2.9.1-6.0.1.el7_1.2] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.9.1-6.2] - Fix a series of CVEs (rhbz#1286496) - CVE-2015-7941 Stop parsing on entities boundaries errors - CVE-2015-7941 Cleanup conditional section error handling - CVE-2015-8317 Fail parsing early on if encoding conversion failed - CVE-2015-7942 Another variation of overflow in Conditional sections - CVE-2015-7942 Fix an error in previous Conditional section patch - Fix parsing short unclosed comment uninitialized access - CVE-2015-7498 Avoid processing entities after encoding conversion failures - CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey - CVE-2015-5312 Another entity expansion issue - CVE-2015-7499 Add xmlHaltParser() to stop the parser - CVE-2015-7499 Detect incoherency on GROW - CVE-2015-7500 Fix memory access error due to incorrect entities boundaries - CVE-2015-8242 Buffer overead with HTML parser in push mode - CVE-2015-1819 Enforce the reader to run in constant memory [2.9.1-6] - Fix missing entities after CVE-2014-3660 fix - CVE-2014-0191 Do not fetch external parameter entities (rhbz#1195650) - Fix regressions introduced by CVE-2014-0191 patch [2.9.1-5.1] - CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1149087) Affected Software/OS: 'libxml2' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1819 1034243 http://www.securitytracker.com/id/1034243 75570 http://www.securityfocus.com/bid/75570 APPLE-SA-2016-03-21-1 http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html APPLE-SA-2016-03-21-2 http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html APPLE-SA-2016-03-21-3 http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html APPLE-SA-2016-03-21-5 http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html DSA-3430 http://www.debian.org/security/2015/dsa-3430 FEDORA-2015-037f844d3e http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html FEDORA-2015-c24af963a2 http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html GLSA-201507-08 https://security.gentoo.org/glsa/201507-08 GLSA-201701-37 https://security.gentoo.org/glsa/201701-37 RHSA-2015:1419 http://rhn.redhat.com/errata/RHSA-2015-1419.html RHSA-2015:2550 http://rhn.redhat.com/errata/RHSA-2015-2550.html USN-2812-1 http://www.ubuntu.com/usn/USN-2812-1 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://xmlsoft.org/news.html https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9 https://support.apple.com/HT206166 https://support.apple.com/HT206167 https://support.apple.com/HT206168 https://support.apple.com/HT206169 openSUSE-SU-2015:2372 http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html openSUSE-SU-2016:0106 http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html Common Vulnerability Exposure (CVE) ID: CVE-2015-5312 79536 http://www.securityfocus.com/bid/79536 HPSBGN03537 http://marc.info/?l=bugtraq&m=145382616617563&w=2 RHSA-2015:2549 http://rhn.redhat.com/errata/RHSA-2015-2549.html RHSA-2016:1089 http://rhn.redhat.com/errata/RHSA-2016-1089.html USN-2834-1 http://www.ubuntu.com/usn/USN-2834-1 http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html https://bugzilla.redhat.com/show_bug.cgi?id=1276693 https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172 Common Vulnerability Exposure (CVE) ID: CVE-2015-7497 79508 http://www.securityfocus.com/bid/79508 https://bugzilla.redhat.com/show_bug.cgi?id=1281862 https://git.gnome.org/browse/libxml2/commit/?id=6360a31a84efe69d155ed96306b9a931a40beab9 Common Vulnerability Exposure (CVE) ID: CVE-2015-7498 79548 http://www.securityfocus.com/bid/79548 https://bugzilla.redhat.com/show_bug.cgi?id=1281879 https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43 Common Vulnerability Exposure (CVE) ID: CVE-2015-7499 79509 http://www.securityfocus.com/bid/79509 https://bugzilla.redhat.com/show_bug.cgi?id=1281925 https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da Common Vulnerability Exposure (CVE) ID: CVE-2015-7500 79562 http://www.securityfocus.com/bid/79562 https://bugzilla.redhat.com/show_bug.cgi?id=1281943 https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f Common Vulnerability Exposure (CVE) ID: CVE-2015-7941 BugTraq ID: 74241 http://www.securityfocus.com/bid/74241 Debian Security Information: DSA-3430 (Google Search) http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html HPdes Security Advisory: HPSBGN03537 http://www.openwall.com/lists/oss-security/2015/10/22/5 http://www.openwall.com/lists/oss-security/2015/10/22/8 RedHat Security Advisories: RHSA-2015:2549 RedHat Security Advisories: RHSA-2015:2550 RedHat Security Advisories: RHSA-2016:1089 SuSE Security Announcement: openSUSE-SU-2015:2372 (Google Search) SuSE Security Announcement: openSUSE-SU-2016:0106 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2015-7942 BugTraq ID: 79507 http://www.securityfocus.com/bid/79507 Common Vulnerability Exposure (CVE) ID: CVE-2015-8241 BugTraq ID: 77621 http://www.securityfocus.com/bid/77621 http://www.openwall.com/lists/oss-security/2015/11/17/5 http://www.openwall.com/lists/oss-security/2015/11/18/23 Common Vulnerability Exposure (CVE) ID: CVE-2015-8242 BugTraq ID: 77681 http://www.securityfocus.com/bid/77681 Common Vulnerability Exposure (CVE) ID: CVE-2015-8317 http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html BugTraq ID: 91826 http://www.securityfocus.com/bid/91826 https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html http://www.openwall.com/lists/oss-security/2015/11/21/1 http://www.openwall.com/lists/oss-security/2015/11/22/3
Copyright	Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.