Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2015-0358)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.130031

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2015-0358)

Resumen: The remote host is missing an update for the 'libxml2' package(s) announced via the MGASA-2015-0358 advisory.

Descripción: Summary:
The remote host is missing an update for the 'libxml2' package(s) announced via the MGASA-2015-0358 advisory.

Vulnerability Insight:
Updated libxml2 packages fix security vulnerability:

The xmlreader in libxml2 allows remote attackers to cause a denial of service
(memory consumption) via crafted XML data, related to an XML Entity Expansion
(XEE) attack (CVE-2015-1819).

The libxml2 package has been patched to fix this issue, as well as two
out-of-bounds read issues (bgo#744980, bgo#746048).

Affected Software/OS:
'libxml2' package(s) on Mageia 4, Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-1819
1034243
http://www.securitytracker.com/id/1034243
75570
http://www.securityfocus.com/bid/75570
APPLE-SA-2016-03-21-1
http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
APPLE-SA-2016-03-21-2
http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
APPLE-SA-2016-03-21-3
http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html
APPLE-SA-2016-03-21-5
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
DSA-3430
http://www.debian.org/security/2015/dsa-3430
FEDORA-2015-037f844d3e
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html
FEDORA-2015-c24af963a2
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html
GLSA-201507-08
https://security.gentoo.org/glsa/201507-08
GLSA-201701-37
https://security.gentoo.org/glsa/201701-37
RHSA-2015:1419
http://rhn.redhat.com/errata/RHSA-2015-1419.html
RHSA-2015:2550
http://rhn.redhat.com/errata/RHSA-2015-2550.html
USN-2812-1
http://www.ubuntu.com/usn/USN-2812-1
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://xmlsoft.org/news.html
https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9
https://support.apple.com/HT206166
https://support.apple.com/HT206167
https://support.apple.com/HT206168
https://support.apple.com/HT206169
openSUSE-SU-2015:2372
http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
openSUSE-SU-2016:0106
http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.130031
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2015-0358)
Resumen:	The remote host is missing an update for the 'libxml2' package(s) announced via the MGASA-2015-0358 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libxml2' package(s) announced via the MGASA-2015-0358 advisory. Vulnerability Insight: Updated libxml2 packages fix security vulnerability: The xmlreader in libxml2 allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack (CVE-2015-1819). The libxml2 package has been patched to fix this issue, as well as two out-of-bounds read issues (bgo#744980, bgo#746048). Affected Software/OS: 'libxml2' package(s) on Mageia 4, Mageia 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1819 1034243 http://www.securitytracker.com/id/1034243 75570 http://www.securityfocus.com/bid/75570 APPLE-SA-2016-03-21-1 http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html APPLE-SA-2016-03-21-2 http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html APPLE-SA-2016-03-21-3 http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html APPLE-SA-2016-03-21-5 http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html DSA-3430 http://www.debian.org/security/2015/dsa-3430 FEDORA-2015-037f844d3e http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html FEDORA-2015-c24af963a2 http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html GLSA-201507-08 https://security.gentoo.org/glsa/201507-08 GLSA-201701-37 https://security.gentoo.org/glsa/201701-37 RHSA-2015:1419 http://rhn.redhat.com/errata/RHSA-2015-1419.html RHSA-2015:2550 http://rhn.redhat.com/errata/RHSA-2015-2550.html USN-2812-1 http://www.ubuntu.com/usn/USN-2812-1 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://xmlsoft.org/news.html https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9 https://support.apple.com/HT206166 https://support.apple.com/HT206167 https://support.apple.com/HT206168 https://support.apple.com/HT206169 openSUSE-SU-2015:2372 http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html openSUSE-SU-2016:0106 http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html
Copyright	Copyright (C) 2015 Greenbone AG