Red Hat Security Advisory 2013-0217-01 - These packages provide the libxml2 library, a development toolbox providing the implementation of various XML standards, for users of MinGW. IMPORTANT NOTE: The mingw32 packages in Red Hat Enterprise Linux 6 will no longer be updated proactively and will be deprecated with the release of Red Hat Enterprise Linux 6.4. These packages were provided to support other capabilities in Red Hat Enterprise Linux and were not intended for direct customer use. Customers are advised to not use these packages with immediate effect. Future updates to these packages will be at Red Hat's discretion and these packages may be removed in a future minor release.
1cd549ed331d887cc45d0de02f4cca9d6965b1454f082a5f2089b316b13ce1f0
Apple Security Advisory 2012-09-24-1 - Apple TV 5.1 is now available and addresses issues relating to malicious media loading, memory corruption, and more.
8b08f2840773bcd43aa00f4439e1687a278652e1b463a125bb95947245e9cf9b
VMware Security Advisory 2012-0012 - VMware ESXi update addresses several security issues.
5b4b01c7d05b407f2019d9dcb62997fbe3639d1b4af2d9e365e42c1b2fc8c4ac
Apple Security Advisory 2012-05-09-1 - OS X Lion v10.7.4 and Security Update 2012-002 is now available and addresses multiple security issues. An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it. A temporary file race condition issue existed in blued's initialization routine. There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. curl disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling empty fragments. A data injection issue existed in curl's handling of URLs. This issue is addressed through improved validation of URLs. This issue does not affect systems prior to OS X Lion. Various other vulnerabilities have been addressed.
8a1ec648cdab00dde0f7ff37efd462d6ad93a16f2b5d89ca92fb566b939516e3
VMware Security Advisory 2012-0008 - VMware ESX updates have been created for the ESX Service Console. The ESX Service Console Operating System (COS) kernel is updated which addresses several security issues in the COS kernel. The ESX Console Operating System (COS) libxml2 rpms are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2 and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several security issues. Various other issues have also been addressed.
27151f1e6ac2161133d87031a0879739a1b47509b25590993f62b5efcc45c458
Gentoo Linux Security Advisory 201202-9 - A boundary error in libxml2 could result in execution of arbitrary code or Denial of Service. Versions less than 2.7.8-r4 are affected.
bde2e1b45eb7d239fa2f7de36a8eab7009b159fc3b70d82f2e3ad79f0a447d28
Red Hat Security Advisory 2012-0104-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted for this update to take effect.
9165e3b50d8f4caa9cb36bcfa88ebf90af850df3617220c0b88374cbdcb36f8f
Debian Linux Security Advisory 2394-1 - Many security problems had been fixed in libxml2, a popular library to handle XML data files.
d5fae078b6c0ad6c78c51df892f7929b0be7131a3570eaff8a688d24b8f71737
Ubuntu Security Notice 1334-1 - It was discovered that libxml2 contained an off by one error. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that libxml2 is vulnerable to double-free conditions when parsing certain XML documents. This could allow a remote attacker to cause a denial of service. Various other issues were also addressed.
828483a1a6bbf8065e049dfca2a65efa7ca35f2fa4a558adde9549639c05bfb7
Mandriva Linux Security Advisory 2012-005 - A heap-based buffer overflow in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. The updated packages have been patched to correct this issue.
e5939476c43e6d787878d039c49fe11ed73acf04803d9a4e3523586da840d81e
Red Hat Security Advisory 2012-0018-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash.
345d81a1fa63ea7c70fd504a3e3e0e8f3843c34ad996db6b7180e9c9fe1bccdf
Red Hat Security Advisory 2012-0017-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language, which is a language for addressing parts of an XML document. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
8de1cd5c934d9caf3a341c7d1360226ec9cec6a4e744aa685fb458b3ca5d0e5d
Red Hat Security Advisory 2012-0016-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language, which is a language for addressing parts of an XML document. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
71b1b4d3d81db6a48e2542cb538a368109f00aa37b462e9dc5d8f5e0f3f2b184