Ubuntu Security Notice 3739-1 - Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information. It was discovered that libxml2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that libxml2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
559980d04b53e256cbecbdafba83effc0a6bc6745780cef358d6c14ab871cffb==========================================================================
Ubuntu Security Notice USN-3739-1
August 14, 2018
libxml2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in libxml2.
Software Description:
- libxml2: GNOME XML library
Details:
Matias Brutti discovered that libxml2 incorrectly handled certain XML
files. An attacker could possibly use this issue to expose sensitive
information. (CVE-2016-9318)
It was discovered that libxml2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 18.04 LTS. (CVE-2017-16932)
It was discovered that libxml2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2017-18258, CVE-2018-14404, CVE-2018-14567)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
libxml2 2.9.4+dfsg1-6.1ubuntu1.2
libxml2-utils 2.9.4+dfsg1-6.1ubuntu1.2
python-libxml2 2.9.4+dfsg1-6.1ubuntu1.2
python3-libxml2 2.9.4+dfsg1-6.1ubuntu1.2
Ubuntu 16.04 LTS:
libxml2 2.9.3+dfsg1-1ubuntu0.6
libxml2-utils 2.9.3+dfsg1-1ubuntu0.6
python-libxml2 2.9.3+dfsg1-1ubuntu0.6
Ubuntu 14.04 LTS:
libxml2 2.9.1+dfsg1-3ubuntu4.13
libxml2-utils 2.9.1+dfsg1-3ubuntu4.13
python-libxml2 2.9.1+dfsg1-3ubuntu4.13
In general, a standard system update will make all the necessary
changes.
References:
https://usn.ubuntu.com/usn/usn-3739-1
CVE-2016-9318, CVE-2017-16932, CVE-2017-18258, CVE-2018-14404,
CVE-2018-14567
Package Information:
https://launchpad.net/ubuntu/+source/libxml2/2.9.4+dfsg1-6.1ubuntu1.2
https://launchpad.net/ubuntu/+source/libxml2/2.9.3+dfsg1-1ubuntu0.6
https://launchpad.net/ubuntu/+source/libxml2/2.9.1+dfsg1-3ubuntu4.13
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed