oss-sec mailing list archives
Re: libxml security fix from apple ... any information?
From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Fri, 29 Jul 2011 09:57:24 +0530
On 07/28/2011 06:52 PM, Marcus Meissner wrote:
Hi folks, Billy, Daniel, On http://support.apple.com/kb/HT4808 there is a libxml security issue listed: ----------------------------------------- libxml Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A one-byte heap buffer overflow existed in libxml's handling of XML data. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. CVE-ID CVE-2011-0216 : Billy Rios of the Google Security Team ----------------------------------------- I suspect this is libxml2 and it likely also affects Linux? If this is correct, could you identify the commit fixing this issue?
As far as i know, this does not affect linux -- Huzaifa Sidhpurwala / Red Hat Security Response Team
Current thread:
- libxml security fix from apple ... any information? Marcus Meissner (Jul 28)
- Re: libxml security fix from apple ... any information? Huzaifa Sidhpurwala (Jul 28)
- Re: libxml security fix from apple ... any information? Billy Rios (Jul 28)
- Re: Re: libxml security fix from apple ... any information? Thomas Biege (Jul 29)
- Re: Re: libxml security fix from apple ... any information? Moritz Muehlenhoff (Jul 29)
- Re: Re: libxml security fix from apple ... any information? Jeffrey Czerniak (Jul 30)
- Re: libxml security fix from apple ... any information? Solar Designer (Jul 30)
- Re: Re: libxml security fix from apple ... any information? Thomas Biege (Jul 29)
- Re: libxml security fix from apple ... any information? Daniel Veillard (Aug 04)