English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

Ubuntu update for libxml2


Secunia ID

SA51478

CVE-ID

CVE-2012-5134

Release Date

06 Dec 2012

Criticality

Highly Critical

Solution Status

Vendor Patch

Where

From remote

Impact
System access

This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.

Description

Ubuntu has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.

For more information see vulnerability #2 in:
SA48000

Solution

Apply updated packages.

-- Ubuntu 12.04 LTS --
https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-5.1ubuntu4.3

-- Ubuntu 11.10 --
https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-4ubuntu0.5

-- Ubuntu 10.04 LTS --
https://launchpad.net/ubuntu/+source/libxml2/2.7.6.dfsg-1ubuntu1.7

-- Ubuntu 8.04 LTS --
https://launchpad.net/ubuntu/+source/libxml2/2.6.31.dfsg-2ubuntu1.11

Original Advisory

USN-1656-1:
http://www.ubuntu.com/usn/usn-1656-1/