Re: [xml] CVE-2008-4226 and CVE-2008-4225.

From: Daniel Veillard <veillard redhat com>
To: f rom <etaoinbe yahoo com>
Cc: xml gnome org
Subject: Re: [xml] CVE-2008-4226 and CVE-2008-4225.
Date: Thu, 20 Nov 2008 17:09:34 +0100

On Thu, Nov 20, 2008 at 05:06:35AM -0800, f rom wrote:

Which version of libxml2 do I need to download that solves : CVE-2008-4226 and CVE-2008-4225. 

This update fixes an integer overflow in libxml2 that could lead to
memory corruption and arbitrary code execution. (CVE-2008-4226)
Thanks to: Drew Yao of Apple Product Security


  SVN head, there have been no release with the fix yet, You should
be able to grab the snapshot if you really want a tarball.

Daniel

-- 
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel veillard com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/

Follow-Ups:
- [xml] Getting Sub node
  - From: vijaykumar manchala

References:
- [xml] CVE-2008-4226 and CVE-2008-4225.
  - From: f rom

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]