English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 143769 CVE descriptions
and 71225 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2004-12
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date : 07 Apr 2004
 Last revised           : 07 Apr 2004

 Package : libxml2

 Summary : Buffer overflows

 More information :
    Libxml2 is a library for manipulating XML files.
    A buffer overflow vulnerability was discovered in libxml2 versions prior to 2.6.6.

 Impact :
    This may allow remote attackers to execute arbitrary code via a long URL.

 Affected Products :
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 10 Desktop
    - Turbolinux 8 Server
    - Turbolinux 8 Workstation
    - Turbolinux 7 Server
    - Turbolinux 7 Workstation

 Solution :
    Please use turbopkg(zabom) tool to apply the update.
 ---------------------------------------------
 # turboupdate

 # turbopkg

 # zabom update libxml2 libxml2-deve libxml2-python
 ---------------------------------------------


 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size : MD5

   libxml2-2.4.22-2.src.rpm
      1544784 45887af170d5931f2db7381737a99dfe

   Binary Packages
   Size : MD5

   libxml2-2.4.22-2.i586.rpm
       348852 5e5dae2527a67fcc6d69f0b6ba5c3f75
   libxml2-devel-2.4.22-2.i586.rpm
       673017 f41474006180d834f54f0a30797c9781
   libxml2-python-2.4.22-2.i586.rpm
       120006 9ac02ed2be1c8c7cde88fb852e5bbe71

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size : MD5

   libxml2-2.4.22-2.src.rpm
      1544784 132d50b9dc13ff00c6ab39b3719d883e

   Binary Packages
   Size : MD5

   libxml2-2.4.22-2.i586.rpm
       348775 a73087648767b5f3e3ef13f80382ff4d
   libxml2-devel-2.4.22-2.i586.rpm
       672864 37cb38c3d7d50ca02dce0e87f4b8fc21
   libxml2-python-2.4.22-2.i586.rpm
       119890 eda3ae08127252fa6c0dcbdbaed08b53

 <Turbolinux 10 Desktop>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/libxml2-2.5.11-2.src.rpm
      2299266 aca3b55257986b10e13d2dcec12db7d5

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/libxml2-2.5.11-2.i586.rpm
       510473 d49464be5aaddff35f6a14829ef3ac1e
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/libxml2-devel-2.5.11-2.i586.rpm
      1039549 474a2f6acc73e12199cde2b1a8233775

 <Turbolinux 8 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/libxml2-2.4.22-2.src.rpm
      1544784 24d996e8d5394c7f70c0cc9a06726bb0

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/libxml2-2.4.22-2.i586.rpm
       348613 e4b980f0b4c3aa7b0ac55449fae6491d
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/libxml2-devel-2.4.22-2.i586.rpm
       672887 75cfe3b619a4056a3c72d3d742d76f9c
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/libxml2-python-2.4.22-2.i586.rpm
       119860 8cb2ef3d8f9e780797f1633de3d37775

 <Turbolinux 8 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/libxml2-2.4.19-2.src.rpm
      1934996 b8e13d700dd12e1da05ca9b688cfa8d6

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/libxml2-2.4.19-2.i586.rpm
       343360 6a468e671b9058c688f0112e19705c7f
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/libxml2-devel-2.4.19-2.i586.rpm
       648282 0216b0cf8fcee52f4bdc668f8ba1f1ee
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/libxml2-python-2.4.19-2.i586.rpm
       118177 aa5c7e0d05326923eead4d96835f0f9e

 <Turbolinux 7 Server>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/libxml2-2.4.28-2.src.rpm
      2498086 667895c050fde1426e2e8dc854f6a7fb

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/libxml2-2.4.28-2.i586.rpm
       387991 226d46babf6a54f72bf89d530aacf160
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/libxml2-devel-2.4.28-2.i586.rpm
       971376 7a9c5f4862c41a7768dc36a34a8bc911
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/libxml2-python-2.4.28-2.i586.rpm
       155282 cc7039cc53d87eb5cc1d5b9a3dca291b

 <Turbolinux 7 Workstation>

   Source Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/libxml2-2.4.28-2.src.rpm
      2498086 d814b4b15a7b4c45abc293795cb8910e

   Binary Packages
   Size : MD5

   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/libxml2-2.4.28-2.i586.rpm
       387983 de5c72d2df1e74a1367563e4394233dd
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/libxml2-devel-2.4.28-2.i586.rpm
       971447 baae34a4623c7dbbdbaedaa52a36d31c
   ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/libxml2-python-2.4.28-2.i586.rpm
       155244 d7344b14fcff59ae829c5c8a01be17b6


 Reiferences :

 CVE
   [CAN-2004-0110]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0110


 --------------------------------------------------------------------------
 Revision History
    07 Apr 2004 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2004 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAc2XTK0LzjOqIJMwRAjbFAJ4whF4wR5M6QOkNFeIiqWQfqxCH2ACgoa2e
hUO3rXCpOa4vLMqtNYqpewY=
=+AP/
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.