oss-sec mailing list archives
Re: Re: libxml2 denial of service flaw (CVE-2008-3281)
From: Tomas Hoger <thoger () redhat com>
Date: Mon, 25 Aug 2008 18:11:36 +0200
On Mon, 25 Aug 2008 09:58:38 -0600 Vincent Danen <vdanen () linsec ca> wrote:
Does anyone know if this affects anything other than librsvg? If so, the patch approach to fixing libxml2 would be better. I've just started looking into this today, so I'm not quite up to speed on this, but it looks like there are problems with the gnome menus as well.
librsvg and strigi are known to be affected, according to the Debian bug. Rebuild against new libxml2 should do the trick, if that's the way you can go.
Has anyone tried this new patch?
Being tested now. -- Tomas Hoger / Red Hat Security Response Team
Current thread:
- Re: libxml2 denial of service flaw (CVE-2008-3281) Robert Buchholz (Aug 23)
- Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Nico Golde (Aug 24)
- Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Nico Golde (Aug 24)
- Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Vincent Danen (Aug 25)
- Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Tomas Hoger (Aug 25)
- Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Vincent Danen (Aug 25)
- Re: [vendor-sec] Re: [oss-security] Re: libxml2 denial of service flaw (CVE-2008-3281) Florian Weimer (Aug 25)
- Re: Re: [vendor-sec] Re: [oss-security] Re: libxml2 denial of service flaw (CVE-2008-3281) Vincent Danen (Aug 25)
- Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Nico Golde (Aug 24)
- Re: Re: libxml2 denial of service flaw (CVE-2008-3281) Nico Golde (Aug 24)