ID de Prueba:	1.3.6.1.4.1.25623.1.1.13.2016.148.01
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2016-148-01)
Resumen:	The remote host is missing an update for the 'libxml2' package(s) announced via the SSA:2016-148-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libxml2' package(s) announced via the SSA:2016-148-01 advisory. Vulnerability Insight: New libxml2 packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/libxml2-2.9.4-i486-1_slack14.1.txz: Upgraded. This release fixes bugs and security issues: Heap-based buffer underreads due to xmlParseName (CVE-2016-4447). Format string vulnerability (CVE-2016-4448). Inappropriate fetch of entities content (CVE-2016-4449). For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'libxml2' package(s) on Slackware 14.0, Slackware 14.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-4447 1036348 http://www.securitytracker.com/id/1036348 90864 http://www.securityfocus.com/bid/90864 APPLE-SA-2016-07-18-1 http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html APPLE-SA-2016-07-18-2 http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html APPLE-SA-2016-07-18-3 http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html APPLE-SA-2016-07-18-4 http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html APPLE-SA-2016-07-18-6 http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html DSA-3593 https://www.debian.org/security/2016/dsa-3593 RHSA-2016:1292 https://access.redhat.com/errata/RHSA-2016:1292 RHSA-2016:2957 http://rhn.redhat.com/errata/RHSA-2016-2957.html SSA:2016-148-01 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722 USN-2994-1 http://www.ubuntu.com/usn/USN-2994-1 [oss-security] 20160525 3 libxml2 issues http://www.openwall.com/lists/oss-security/2016/05/25/2 http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://xmlsoft.org/news.html https://git.gnome.org/browse/libxml2/commit/?id=00906759053986b8079985644172085f74331f83 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709 https://kc.mcafee.com/corporate/index?page=content&id=SB10170 https://support.apple.com/HT206899 https://support.apple.com/HT206901 https://support.apple.com/HT206902 https://support.apple.com/HT206903 https://support.apple.com/HT206904 https://support.apple.com/HT206905 https://www.tenable.com/security/tns-2016-18 Common Vulnerability Exposure (CVE) ID: CVE-2016-4448 90856 http://www.securityfocus.com/bid/90856 https://bugzilla.redhat.com/show_bug.cgi?id=1338700 https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9 https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b Common Vulnerability Exposure (CVE) ID: CVE-2016-4449 90865 http://www.securityfocus.com/bid/90865 JVN#17535578 http://jvn.jp/en/jp/JVN17535578/index.html JVNDB-2017-000066 http://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000066.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5 https://support.cybozu.com/ja-jp/article/9735
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.