安全研究
安全漏洞
libxml2 xmlCurrentChar()函数UTF-8解析远程拒绝服务漏洞
发布日期:2008-01-11
更新日期:2008-01-15
受影响系统:
XMLSoft Libxml2 < 2.6.31不受影响系统:
XMLSoft Libxml2 2.6.31描述:
BUGTRAQ ID: 27248
CVE(CAN) ID: CVE-2007-6284
libxml2软件包提供允许用户操控XML文件的函数库,包含有读、修改和写XML和HTML文件支持。
libxml库在处理包含畸形数据的XML文件时存在漏洞,远程攻击者可能利用此漏洞导致系统不可用。
libxml库的UTF-8解码函数xmlCurrentChar()没有检查UTF-8的正确性,如果用户使用链接到该库的应用程序打开了包含有多字节组合的畸形XML内容的话,就会导致函数库陷入死循环挂起,消耗大量系统资源。
<*来源:Brad Fitzpatrick
链接:http://secunia.com/advisories/28444/
http://mail.gnome.org/archives/xml/2008-January/msg00036.html
https://bugzilla.redhat.com/long_list.cgi?buglist=425927
http://www.debian.org/security/2008/dsa-1461
https://www.redhat.com/support/errata/RHSA-2008-0032.html
http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-103201-1
http://security.gentoo.org/glsa/glsa-200801-20.xml
*>
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-1461-1)以及相应补丁:
DSA-1461-1:New libxml2 packages fix denial of service
链接:http://www.debian.org/security/2008/dsa-1461
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.16-7sarge1.dsc
Size/MD5 checksum: 884 991cf7cfdaf3ef05e95ec11f1b99b345
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.16-7sarge1.diff.gz
Size/MD5 checksum: 127107 b142c10e523b8d72ec427382849f2d39
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.16.orig.tar.gz
Size/MD5 checksum: 4008551 7b28b412498625b51d86e58e30fbdd31
Architecture independent packages:
http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.16-7sarge1_all.deb
Size/MD5 checksum: 17242 ebfb4ef8a14dec1a34ad62fe6955afef
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-python2.3_2.6.16-7sarge1_all.deb
Size/MD5 checksum: 10850 7a426e3c11a74852fc695612e2bfca25
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-doc_2.6.16-7sarge1_all.deb
Size/MD5 checksum: 930164 e4458eaa1f1080dfe1745a92c8f667e5
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libx/libxml2/python2.3-libxml2_2.6.16-7sarge1_alpha.deb
Size/MD5 checksum: 178380 39cec4bba77bc3aef4aefd5f7303470d
http://security.debian.org/pool/updates/main/libx/libxml2/python2.4-libxml2_2.6.16-7sarge1_alpha.deb
Size/MD5 checksum: 178364 2ce12c73236c4c341b358c92b198dbae
http://security.debian.org/pool/updates/main/libx/libxml2/python2.2-libxml2_2.6.16-7sarge1_alpha.deb
Size/MD5 checksum: 177434 0fb0c05e5397d45ef0f3b46ade61b9a5
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.16-7sarge1_alpha.deb
Size/MD5 checksum: 32144 a8e00165ef4f0394e56b19d5b53689c2
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.16-7sarge1_alpha.deb
Size/MD5 checksum: 693524 6d2d2b24908645d3e7eb18a2a68f55bf
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.16-7sarge1_alpha.deb
Size/MD5 checksum: 797876 d1f891c9bc973625fe9630417d1736c8
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.16-7sarge1_amd64.deb
Size/MD5 checksum: 639976 c7e4f773476dcd7160db8f7dde721acc
http://security.debian.org/pool/updates/main/libx/libxml2/python2.3-libxml2_2.6.16-7sarge1_amd64.deb
Size/MD5 checksum: 177492 036dac53f32c6de1687db56091ce7053
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.16-7sarge1_amd64.deb
Size/MD5 checksum: 629976 57128d940cbf7a3c7b0fc33c959a4412
http://security.debian.org/pool/updates/main/libx/libxml2/python2.2-libxml2_2.6.16-7sarge1_amd64.deb
Size/MD5 checksum: 176350 bb18c925d5ac4a32b9671b2d10a5a3ec
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.16-7sarge1_amd64.deb
Size/MD5 checksum: 30478 f089b56d3a85b90aaef374e7334670f6
http://security.debian.org/pool/updates/main/libx/libxml2/python2.4-libxml2_2.6.16-7sarge1_amd64.deb
Size/MD5 checksum: 177470 299fbaab814c6602dbe828be31857703
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libx/libxml2/python2.4-libxml2_2.6.16-7sarge1_arm.deb
Size/MD5 checksum: 159118 37b60276f1605a208923b20b5b35e937
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.16-7sarge1_arm.deb
Size/MD5 checksum: 28364 ede14581faef3f86c970a1d1c1e0fc4b
http://security.debian.org/pool/updates/main/libx/libxml2/python2.2-libxml2_2.6.16-7sarge1_arm.deb
Size/MD5 checksum: 157942 940113a10f6a77a2393010ea7ebbdc8e
http://security.debian.org/pool/updates/main/libx/libxml2/python2.3-libxml2_2.6.16-7sarge1_arm.deb
Size/MD5 checksum: 159142 edbf498c3d5224ff5988f4e5e506781d
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.16-7sarge1_arm.deb
Size/MD5 checksum: 584958 6ad2bd0b2d9b0c5ec581f1ded97b368d
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.16-7sarge1_arm.deb
Size/MD5 checksum: 659776 6faa760c520074913612c6c04f13c391
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libx/libxml2/python2.4-libxml2_2.6.16-7sarge1_hppa.deb
Size/MD5 checksum: 185554 813b9d2c5f8b142359cda44718797033
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.16-7sarge1_hppa.deb
Size/MD5 checksum: 691512 66f6713fed2673a7c65499bc3948d88d
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.16-7sarge1_hppa.deb
Size/MD5 checksum: 30762 ddd5dfa0add92fb1a45d8b5c9f330612
http://security.debian.org/pool/updates/main/libx/libxml2/python2.3-libxml2_2.6.16-7sarge1_hppa.deb
Size/MD5 checksum: 185578 605633ecf2334e8f7620d8a8fe32b4ca
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.16-7sarge1_hppa.deb
Size/MD5 checksum: 721798 55ca114ed3e1fb0ae159cab73d5aad1e
http://security.debian.org/pool/updates/main/libx/libxml2/python2.2-libxml2_2.6.16-7sarge1_hppa.deb
Size/MD5 checksum: 184294 6cdf988e87065a5205721e6116c0434c
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.16-7sarge1_i386.deb
Size/MD5 checksum: 591050 5143284e844b0806c7ca9fdbdc17564a
http://security.debian.org/pool/updates/main/libx/libxml2/python2.2-libxml2_2.6.16-7sarge1_i386.deb
Size/MD5 checksum: 162230 253df68abbc124c535a660b97aaa4297
http://security.debian.org/pool/updates/main/libx/libxml2/python2.3-libxml2_2.6.16-7sarge1_i386.deb
Size/MD5 checksum: 163274 02c5664ef3a4855a62d30713661dec97
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.16-7sarge1_i386.deb
Size/MD5 checksum: 28226 f791765de50d84da4e657a638f6c7724
http://security.debian.org/pool/updates/main/libx/libxml2/python2.4-libxml2_2.6.16-7sarge1_i386.deb
Size/MD5 checksum: 163262 b8bd4effcff791316e0b3650db191d26
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.16-7sarge1_i386.deb
Size/MD5 checksum: 602092 083c076ddea6f81c19af79e6a622a83c
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libx/libxml2/python2.4-libxml2_2.6.16-7sarge1_ia64.deb
Size/MD5 checksum: 185194 5a864b2d70dde6d4ffa8cdd8aadbe413
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.16-7sarge1_ia64.deb
Size/MD5 checksum: 842344 86d7e89b56255cae370aefeeeb96d0e8
http://security.debian.org/pool/updates/main/libx/libxml2/python2.2-libxml2_2.6.16-7sarge1_ia64.deb
Size/MD5 checksum: 183904 62e2b5ed12e59e2368fb45f56d83c941
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.16-7sarge1_ia64.deb
Size/MD5 checksum: 38540 9f34df8ef2e01216cc8a5fa08b4f8916
http://security.debian.org/pool/updates/main/libx/libxml2/python2.3-libxml2_2.6.16-7sarge1_ia64.deb
Size/MD5 checksum: 185202 9064c2260585e95a60cce48b4d74061c
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.16-7sarge1_ia64.deb
Size/MD5 checksum: 920016 bdc8c365fb1da5622994713cb89a47c9
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.16-7sarge1_mips.deb
Size/MD5 checksum: 609946 5e1f1e4202a3e7e9634392adfdad07fe
http://security.debian.org/pool/updates/main/libx/libxml2/python2.4-libxml2_2.6.16-7sarge1_mips.deb
Size/MD5 checksum: 163220 a08fa2094cb4f39377afb287ce5229d1
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.16-7sarge1_mips.deb
Size/MD5 checksum: 700974 628e1ec484bc7ce129fad1515c8b5783
http://security.debian.org/pool/updates/main/libx/libxml2/python2.2-libxml2_2.6.16-7sarge1_mips.deb
Size/MD5 checksum: 162038 3a45da812a45d8d85d33b5f3840fae3f
http://security.debian.org/pool/updates/main/libx/libxml2/python2.3-libxml2_2.6.16-7sarge1_mips.deb
Size/MD5 checksum: 163234 0b1cc66b99d312fa45e66b7b87096b54
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.16-7sarge1_mips.deb
Size/MD5 checksum: 29496 3f4fa64beef55f29b03edf2996fd8dd3
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libx/libxml2/python2.2-libxml2_2.6.16-7sarge1_powerpc.deb
Size/MD5 checksum: 165682 5ad90c7182dde3d3cf174d00137df9bd
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.16-7sarge1_powerpc.deb
Size/MD5 checksum: 632382 992847eaea206f7d712b3036f09d82aa
http://security.debian.org/pool/updates/main/libx/libxml2/python2.3-libxml2_2.6.16-7sarge1_powerpc.deb
Size/MD5 checksum: 166908 d3caf8e62750c3b9df18b5364317d6de
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.16-7sarge1_powerpc.deb
Size/MD5 checksum: 31988 27f4605932172e075e73aecb6b37f860
http://security.debian.org/pool/updates/main/libx/libxml2/python2.4-libxml2_2.6.16-7sarge1_powerpc.deb
Size/MD5 checksum: 166896 3993311ca8340ec597563e80e8ae04f6
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.16-7sarge1_powerpc.deb
Size/MD5 checksum: 681998 f0286ca7b57c2d130afb87a2e7f55903
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libx/libxml2/python2.4-libxml2_2.6.16-7sarge1_s390.deb
Size/MD5 checksum: 183942 efa98b27ad26269269f116179a4181a0
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.16-7sarge1_s390.deb
Size/MD5 checksum: 637590 68a43b7225a3ff9750e47b2ce8fafbff
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.16-7sarge1_s390.deb
Size/MD5 checksum: 30400 e68e4ddeab759336fea8bdae170a98ae
http://security.debian.org/pool/updates/main/libx/libxml2/python2.3-libxml2_2.6.16-7sarge1_s390.deb
Size/MD5 checksum: 183954 b44b12173c11bae11097e824090d637e
http://security.debian.org/pool/updates/main/libx/libxml2/python2.2-libxml2_2.6.16-7sarge1_s390.deb
Size/MD5 checksum: 182594 59901b903a43b00b9a4a812138fa5110
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.16-7sarge1_s390.deb
Size/MD5 checksum: 649804 22e69a23cd59d0469ed45c07a6c4415c
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.16-7sarge1_sparc.deb
Size/MD5 checksum: 29200 7fae0af3ee437f1033b50b42d9291a52
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.16-7sarge1_sparc.deb
Size/MD5 checksum: 623322 f0852fd2bdd47faedb17501f9a3354d2
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.16-7sarge1_sparc.deb
Size/MD5 checksum: 614266 9d755c02d262c4ec9adad8397d436849
http://security.debian.org/pool/updates/main/libx/libxml2/python2.4-libxml2_2.6.16-7sarge1_sparc.deb
Size/MD5 checksum: 171374 b8e62a9c54a25427a92542eeecfa0738
http://security.debian.org/pool/updates/main/libx/libxml2/python2.3-libxml2_2.6.16-7sarge1_sparc.deb
Size/MD5 checksum: 171392 5b9ca6662c35ea726786c8b155adcec0
http://security.debian.org/pool/updates/main/libx/libxml2/python2.2-libxml2_2.6.16-7sarge1_sparc.deb
Size/MD5 checksum: 170388 05873d9dabafcbf0e83c46406a48709e
Debian 4.0 (stable)
- -------------------
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg.orig.tar.gz
Size/MD5 checksum: 3416175 5ff71b22f6253a6dd9afc1c34778dec3
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-2.diff.gz
Size/MD5 checksum: 142579 2bfdb7f543d1bb2c113056ba7c47a8fa
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-2.dsc
Size/MD5 checksum: 893 ac5bb60fd79506befb89e6d63bb81d45
Architecture independent packages:
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-doc_2.6.27.dfsg-2_all.deb
Size/MD5 checksum: 1292456 add37f996a875359e75ecae4c9bef721
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-2_alpha.deb
Size/MD5 checksum: 37982 bd804f474a937b035ba1d4ae93beef1f
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-2_alpha.deb
Size/MD5 checksum: 916190 97cf9a61c0468acef543c6b493089705
http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-2_alpha.deb
Size/MD5 checksum: 184462 32bb058f96ccdf3d96d8ab98877cbdfd
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-2_alpha.deb
Size/MD5 checksum: 819852 e49620aaf549e0f42daafe19446b3697
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-2_alpha.deb
Size/MD5 checksum: 882770 6ead0a0d5a8d0ae0b68bd363698e90a1
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-2_amd64.deb
Size/MD5 checksum: 36782 16832b84e2ce688cbbd76ffd4166784a
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-2_amd64.deb
Size/MD5 checksum: 890410 fe49261529663335d74be60721367d12
http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-2_amd64.deb
Size/MD5 checksum: 182914 94d2d0c1dfa0be939e7b4904791533d8
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-2_amd64.deb
Size/MD5 checksum: 745942 53e57327592b75b05c9eee7b38411a00
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-2_amd64.deb
Size/MD5 checksum: 795816 a2c97e1d523794671a634c54f8138d99
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-2_arm.deb
Size/MD5 checksum: 34676 6b5aab661fa339dc4e7ef170188ed38b
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-2_arm.deb
Size/MD5 checksum: 816410 5f275d04567bb4ff2cdf33b6982d1e5f
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-2_arm.deb
Size/MD5 checksum: 740760 1b7e6e93b930ff32555b10eff05283d4
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-2_arm.deb
Size/MD5 checksum: 672372 18ab49b2dcb50a31d7c25ddc3823326c
http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-2_arm.deb
Size/MD5 checksum: 165292 d3ab4deccf39fdca6006696dd3c3f963
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-2_hppa.deb
Size/MD5 checksum: 36852 7738d949e025d84c5667d53c9cf403f3
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-2_hppa.deb
Size/MD5 checksum: 864108 e3a94508a260d4f991eb8918e6f6584e
http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-2_hppa.deb
Size/MD5 checksum: 191966 b9d90fa3f9a973bfe2842b5f3208d591
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-2_hppa.deb
Size/MD5 checksum: 856828 ef1afa089d983f53fa079a994e6fab58
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-2_hppa.deb
Size/MD5 checksum: 849018 0ebc8e2a0e3d20d7f934bd2ddf0f003e
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-2_i386.deb
Size/MD5 checksum: 755368 3fc87d8fc0659e1d018ffbb59ac8aae1
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-2_i386.deb
Size/MD5 checksum: 856908 fbc44fb4865f19f7fcb283ec99b53ba6
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-2_i386.deb
Size/MD5 checksum: 680886 733b4aa48f453a2d140a9aa57ee3f314
http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-2_i386.deb
Size/MD5 checksum: 169040 a9f98e8d028167654639d90e03181187
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-2_i386.deb
Size/MD5 checksum: 34494 0282972a80e337f0992dcb4106b8122b
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-2_ia64.deb
Size/MD5 checksum: 48486 34b3f19c4ce8bed2ba28128afc742377
http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-2_ia64.deb
Size/MD5 checksum: 196532 af8e2034ea28de239a6bc4584511a545
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-2_ia64.deb
Size/MD5 checksum: 1105058 8fc89d88515989c16c6372f6d5014ce3
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-2_ia64.deb
Size/MD5 checksum: 873228 1fbadfd4d88d5e9060ef05ef1442ef0a
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-2_ia64.deb
Size/MD5 checksum: 1078832 0d42237d6e8a124c6a041a2a6b13055a
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-2_mips.deb
Size/MD5 checksum: 34424 5c6fb6b9d2bddb99a34eda06eabca56e
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-2_mips.deb
Size/MD5 checksum: 840438 a2c9843b6e015b52db01bc2e3c9eb396
http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-2_mips.deb
Size/MD5 checksum: 171630 5ba55f80321214ee0eed2bb7b8a10b64
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-2_mips.deb
Size/MD5 checksum: 769422 87c44cc7652046131abfcc9e8345afc6
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-2_mips.deb
Size/MD5 checksum: 925916 90b551e4742f9fc704f0d48362f0caf8
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-2_powerpc.deb
Size/MD5 checksum: 172728 c1571f184ce56c5ddd7dc5566d92a7ed
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-2_powerpc.deb
Size/MD5 checksum: 770242 7d21dccba9d10e96cdd8ce1ed79b3466
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-2_powerpc.deb
Size/MD5 checksum: 779176 1b2d9ccc35217fec472a3db390ca2956
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-2_powerpc.deb
Size/MD5 checksum: 896976 7024c07f1b0f910437513ba6f5bd7878
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-2_powerpc.deb
Size/MD5 checksum: 37662 3d6896da0ac4aaf7f9f239a4f9a3a516
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-2_s390.deb
Size/MD5 checksum: 749440 d4bf85450d358fc299df52c7c742cc24
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-2_s390.deb
Size/MD5 checksum: 884816 f174f9cc572a465b494d9403d76b3c9d
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-2_s390.deb
Size/MD5 checksum: 805010 42eb2a1f87ceb6cabfa8ba23e3c27b1e
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-2_s390.deb
Size/MD5 checksum: 36370 3b564945daf64add099b143a631e3f25
http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-2_s390.deb
Size/MD5 checksum: 185722 4a0ad6d068a460806422f096c21c7197
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.6.27.dfsg-2_sparc.deb
Size/MD5 checksum: 759128 41f8e81199b7b3b8c2b55034d4bc5a54
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.6.27.dfsg-2_sparc.deb
Size/MD5 checksum: 712498 2f279ec5bd2b8427e1254f0fba9bdec7
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dbg_2.6.27.dfsg-2_sparc.deb
Size/MD5 checksum: 781060 8c7c1b07b375f1de81f9273cec6c1d26
http://security.debian.org/pool/updates/main/libx/libxml2/python-libxml2_2.6.27.dfsg-2_sparc.deb
Size/MD5 checksum: 176868 45fa6a0155f48ebac9e5f5a85db9fba1
http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-utils_2.6.27.dfsg-2_sparc.deb
Size/MD5 checksum: 34572 b310e0a4f223bbdcba80c46eb09a1c92
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2008:0032-01)以及相应补丁:
RHSA-2008:0032-01:Important: libxml2 security update
链接:https://www.redhat.com/support/errata/RHSA-2008-0032.html
Sun
---
Sun已经为此发布了一个安全公告(Sun-Alert-103201)以及相应补丁:
Sun-Alert-103201:Security Vulnerability in the libxml2 Library may Lead to a Denial of Service (DoS)
链接:http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-103201-1
Gentoo
------
Gentoo已经为此发布了一个安全公告(GLSA-200801-20)以及相应补丁:
GLSA-200801-20:libxml2: Denial of Service
链接:http://security.gentoo.org/glsa/glsa-200801-20.xml
所有libxml2用户都应升级到最新版本:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.6.30-r1"
XMLSoft
-------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://veillard.com/libxml2.patch
浏览次数:4365
严重程度:0(网友投票)
绿盟科技给您安全的保障