English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 61204 CVE descriptions
and 32582 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2005-12
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 26 Jan 2005
 Last revised: 26 Jan 2005

 Package: libxml2

 Summary: Buffer overflow vulnerabilites exist in libxml2

 More information:
    The libxml2 library provides procedures for XML file manipulation.

    Multiple buffer overflow vulnerabilities have been discovered in libxml2.

 Impact:
    These vulnerabilities may allow remote attackers to execute arbitrary
    code via malformed XML files.

 Affected Products:
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation
    - Turbolinux 7 Server
    - Turbolinux 7 Workstation

 Solution:
    Please use the turbopkg (zabom) tool to apply the update. 
 ---------------------------------------------
 [Turbolinux 10 Server, Turbolinux 10 Desktop, Turbolinux 10 F..., 
  Turbolinux Home]
 # turbopkg
 or
 # zabom -u libxml2 libxml2-devel

 [other]
 # turbopkg
 or
 # zabom update libxml2 libxml2-devel
 ---------------------------------------------


 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size: MD5

   libxml2-2.4.22-3.src.rpm
      1546095 45e4878e24d9c3ea37a74e606b98b36b

   Binary Packages
   Size: MD5

   libxml2-2.4.22-3.i586.rpm
       348726 3536b4e41bfcbe790bddb71dcbe82454
   libxml2-devel-2.4.22-3.i586.rpm
       672112 35415f29d7bb3bb37bdc64551f2bb39b
   libxml2-python-2.4.22-3.i586.rpm
       119866 92be4a854e5eae388387f5b6992bf1a3

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size: MD5

   libxml2-2.4.22-3.src.rpm
      1546095 c3c1b644325030da4be5f88773c5e62b

   Binary Packages
   Size: MD5

   libxml2-2.4.22-3.i586.rpm
       348918 6a37a0890286bd39c8cbdcea39e80bb1
   libxml2-devel-2.4.22-3.i586.rpm
       673104 08c514e9ff536f3abddfbd37b47640f0
   libxml2-python-2.4.22-3.i586.rpm
       120058 e26e9e2fc43a91c3945440458d9ef2db

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/libxml2-2.6.11-3.src.rpm
      3676235 c83ca34b6b043df8bdbf71074a01d8ad

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/libxml2-2.6.11-3.i586.rpm
       931885 e0c079d1fced4b79406d8137f7ae51cb
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/libxml2-debug-2.6.11-3.i586.rpm
      1261976 e56ed4aafbc708d5b82cbd7420dc3688
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/libxml2-devel-2.6.11-3.i586.rpm
      1833564 c4fa232aa88a3a9ad8e6599674eb5215
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/libxml2-python-2.6.11-3.i586.rpm
       219714 975a999a695a80addc291c9a086f6c70

 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/libxml2-2.6.2-3.src.rpm
      2494574 5074efa52a7b7fbb048d32195e939072

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/libxml2-2.6.2-3.i586.rpm
       513161 3fdaa041b1f0b43edf73478314ef17da
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/libxml2-devel-2.6.2-3.i586.rpm
      1068458 2d3f0d198946eeccf3a43c4ca56ed87c

 <Turbolinux 8 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/libxml2-2.4.22-3.src.rpm
      1546095 8c4bd8f791a125332e4a88095c33799c

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/libxml2-2.4.22-3.i586.rpm
       348792 e6562126f8981e907a75ef3a2da69873
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/libxml2-devel-2.4.22-3.i586.rpm
       672844 987ab841df3e43eca6c4512a0507e8df
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/libxml2-python-2.4.22-3.i586.rpm
       119991 50216a9da56ed1f136ac8954152d6599

 <Turbolinux 8 Workstation>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/libxml2-2.4.19-3.src.rpm
      1935708 338be398b6817e3dad7a6cb96847c930

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/libxml2-2.4.19-3.i586.rpm
       343441 8be8c1ada3f99ea2098874d66840ec3a
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/libxml2-devel-2.4.19-3.i586.rpm
       648314 32d33253943c3a1f40ba9c90df74c2e2
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/libxml2-python-2.4.19-3.i586.rpm
       118291 7627209852457adfad6f41e7ef715655

 <Turbolinux 7 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/libxml2-2.4.28-3.src.rpm
      2499363 16ed867be21e9d3cdfb329939e652019

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/libxml2-2.4.28-3.i586.rpm
       388291 5f063aebeba773a4303f30bd7d70c468
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/libxml2-devel-2.4.28-3.i586.rpm
       971341 e83302e5593a0903362078f2288ba90e
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/libxml2-python-2.4.28-3.i586.rpm
       155374 ab3939602ce9d4ec7fcbb303680c22ea

 <Turbolinux 7 Workstation>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/libxml2-2.4.28-3.src.rpm
      2499363 818aea961b5deab575384742a7012a59

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/libxml2-2.4.28-3.i586.rpm
       388163 f37ef635700f96e2125ce4c7e0e043db
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/libxml2-devel-2.4.28-3.i586.rpm
       971519 9214c44cf80e7ae6bd218aacbaaa8ce7
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/libxml2-python-2.4.28-3.i586.rpm
       155359 7d0e098faaf3884eec9332ba6773160f


 References:

 CVE
   [CAN-2004-0989]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0989

 --------------------------------------------------------------------------
 Revision History
    26 Jan 2005 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2005 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFB9x+bK0LzjOqIJMwRAkQ6AJ4uL6EaoJqVqgabPGXn2J1wCToKZACeO4XJ
j2z/A34xRhQ7YGSkNbSm0ww=
=wtLX
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.