-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Fedora Test Update Notification FEDORA-2004-1324 Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=1324 2004-05-31 - --------------------------------------------------------------------- Name : libxml2 Version 7.3 : 2.4.19-5.legacy Summary : Library providing XML and HTML support. Description : This library lets you manipulate XML files. It includes support to read, modify, and write XML and HTML files. It has DTD support, including parsing and validation, even with complex DTDs. The output can be a simple SAX stream or an in-memory DOM like representation. In this case you can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library. - --------------------------------------------------------------------- Update Information: CAN-2004-0110: Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml2 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL. - --------------------------------------------------------------------- Changelog: 7.3: * Sat May 01 2004 Seth Vidal <skvidal@xxxxxxxxxxxx> - - updated patch with patch from bug #1324 comment 4 - - added buildrequires from comment 6 * Fri Feb 27 2004 Dominic Hargreaves <dom@xxxxxxxx> - - fixes overflow when parsing remote resources - --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/redhat/ 7ea6c8e40a04c2eafb82d53e8e6931b27348f4ad 7.3/updates-testing/SRPMS/libxml2-2.4.19-5.legacy.src.rpm c325b2b9d03335b41db6b0b462a35d1ed847e56f 7.3/updates-testing/i386/libxml2-2.4.19-5.legacy.i386.rpm c53f70cad435630b3e5b5f5d363c7d425f980a35 7.3/updates-testing/i386/libxml2-devel-2.4.19-5.legacy.i386.rpm 8819fa789731693645839f32f55aac2f2dc27906 7.3/updates-testing/i386/libxml2-python-2.4.19-5.legacy.i386.rpm Please note that this update is also available via yum and apt through the updates-testing channel. Many people find this an easier way to apply updates. - --------------------------------------------------------------------- - -- Jesse Keating RHCE (http://geek.j2solutions.net) Fedora Legacy Team (http://www.fedoralegacy.org) GPG Public Key (http://geek.j2solutions.net/jkeating.j2solutions.pub) Was I helpful? Let others know: http://svcs.affero.net/rm.php?r=jkeating -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAu6xG4v2HLvE71NURAthaAJ0RDpR6ioSi9/wPO90LRslU0q3WkQCgluW1 FlbqgJM4oSDXNDbN7YsGUs8= =Mi+z -----END PGP SIGNATURE----- -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
