Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2013-0217)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.123735
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2013-0217)
Summary:	The remote host is missing an update for the 'mingw32-libxml2' package(s) announced via the ELSA-2013-0217 advisory.
Description:	Summary: The remote host is missing an update for the 'mingw32-libxml2' package(s) announced via the ELSA-2013-0217 advisory. Vulnerability Insight: [2.7.6-6] - Synchronize patch-set with mainline-version. - Bump version to 5, 6. Related: rhbz#891477 [2.7.6-4] - Change release number to 4. - Added patch libxml2-Fix-an-off-by-one-pointer-access.patch - Added patch libxml2-Fix-a-segfault-on-XSD-validation-on-pattern-error.patch - Added patch libxml2-Fix-entities-local-buffers-size-problems.patch - Added patch libxml2-gnome-bug-561340-fix.patch - Added patch for CVE-2012-0841 - Added patch for CVE-2011-0216 - Added patch for CVE-2011-2834 - Added patch for CVE-2011-3919 - Added patch for CVE-2011-1944 - Added patch for CVE-2011-3905 Related: rhbz#891477 Affected Software/OS: 'mingw32-libxml2' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4008 http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html BugTraq ID: 44779 http://www.securityfocus.com/bid/44779 Debian Security Information: DSA-2128 (Google Search) http://www.debian.org/security/2010/dsa-2128 HPdes Security Advisory: HPSBGN02970 http://marc.info/?l=bugtraq&m=139447903326211&w=2 HPdes Security Advisory: HPSBMA02662 http://marc.info/?l=bugtraq&m=130331363227777&w=2 HPdes Security Advisory: SSRT100409 http://www.mandriva.com/security/advisories?name=MDVSA-2010:243 http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/ http://mail.gnome.org/archives/xml/2010-November/msg00015.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12148 http://www.redhat.com/support/errata/RHSA-2011-1749.html RedHat Security Advisories: RHSA-2013:0217 http://rhn.redhat.com/errata/RHSA-2013-0217.html http://secunia.com/advisories/40775 http://secunia.com/advisories/42109 http://secunia.com/advisories/42175 http://secunia.com/advisories/42314 http://secunia.com/advisories/42429 SuSE Security Announcement: SUSE-SR:2010:023 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html http://www.ubuntu.com/usn/USN-1016-1 http://www.vupen.com/english/advisories/2010/3046 http://www.vupen.com/english/advisories/2010/3076 http://www.vupen.com/english/advisories/2010/3100 http://www.vupen.com/english/advisories/2011/0230 Common Vulnerability Exposure (CVE) ID: CVE-2010-4494 http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html Debian Security Information: DSA-2137 (Google Search) http://www.debian.org/security/2010/dsa-2137 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055775.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:260 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11916 http://secunia.com/advisories/42472 http://secunia.com/advisories/42721 http://secunia.com/advisories/42762 SuSE Security Announcement: SUSE-SR:2011:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html http://www.vupen.com/english/advisories/2010/3319 http://www.vupen.com/english/advisories/2010/3336 Common Vulnerability Exposure (CVE) ID: CVE-2011-0216 http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html Debian Security Information: DSA-2394 (Google Search) http://www.debian.org/security/2012/dsa-2394 http://www.mandriva.com/security/advisories?name=MDVSA-2011:188 Common Vulnerability Exposure (CVE) ID: CVE-2011-1944 http://lists.apple.com/archives/security-announce/2012/May/msg00001.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html BugTraq ID: 48056 http://www.securityfocus.com/bid/48056 Debian Security Information: DSA-2255 (Google Search) http://www.debian.org/security/2011/dsa-2255 http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062238.html HPdes Security Advisory: HPSBMU02786 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041 HPdes Security Advisory: SSRT100877 http://www.mandriva.com/security/advisories?name=MDVSA-2011:131 http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html http://www.openwall.com/lists/oss-security/2011/05/31/8 http://www.osvdb.org/73248 http://secunia.com/advisories/44711 SuSE Security Announcement: openSUSE-SU-2011:0839 (Google Search) http://lists.opensuse.org/opensuse-updates/2011-07/msg00035.html http://ubuntu.com/usn/usn-1153-1 Common Vulnerability Exposure (CVE) ID: CVE-2011-2821 http://www.mandriva.com/security/advisories?name=MDVSA-2011:145 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13840 Common Vulnerability Exposure (CVE) ID: CVE-2011-2834 http://osvdb.org/75560 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14410 XForce ISS Database: chrome-libxml-code-execution(69885) https://exchange.xforce.ibmcloud.com/vulnerabilities/69885 Common Vulnerability Exposure (CVE) ID: CVE-2011-3102 http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html BugTraq ID: 53540 http://www.securityfocus.com/bid/53540 Debian Security Information: DSA-2479 (Google Search) http://www.debian.org/security/2012/dsa-2479 http://www.mandriva.com/security/advisories?name=MDVSA-2012:098 http://www.mandriva.com/security/advisories?name=MDVSA-2013:056 http://www.securitytracker.com/id?1027067 http://secunia.com/advisories/49243 http://secunia.com/advisories/50658 http://secunia.com/advisories/54886 http://secunia.com/advisories/55568 SuSE Security Announcement: SUSE-SU-2013:1627 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html SuSE Security Announcement: openSUSE-SU-2012:0656 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00017.html SuSE Security Announcement: openSUSE-SU-2012:0731 (Google Search) https://lists.opensuse.org/opensuse-updates/2012-06/msg00011.html XForce ISS Database: google-chrome-libxml-code-exec(75607) https://exchange.xforce.ibmcloud.com/vulnerabilities/75607 Common Vulnerability Exposure (CVE) ID: CVE-2011-3905 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14761 Common Vulnerability Exposure (CVE) ID: CVE-2011-3919 BugTraq ID: 51300 http://www.securityfocus.com/bid/51300 http://www.mandriva.com/security/advisories?name=MDVSA-2012:005 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14504 http://www.securitytracker.com/id?1026487 http://secunia.com/advisories/47449 Common Vulnerability Exposure (CVE) ID: CVE-2012-0841 1026723 http://securitytracker.com/id?1026723 52107 http://www.securityfocus.com/bid/52107 54886 55568 APPLE-SA-2013-09-18-2 APPLE-SA-2013-10-22-8 DSA-2417 http://www.debian.org/security/2012/dsa-2417 MDVSA-2013:150 http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 RHSA-2012:0324 http://rhn.redhat.com/errata/RHSA-2012-0324.html RHSA-2013:0217 SUSE-SU-2013:1627 [oss-security] 20120222 libxml2: hash table collisions CPU usage DoS http://www.openwall.com/lists/oss-security/2012/02/22/1 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660846 http://git.gnome.org/browse/libxml2/commit/?id=8973d58b7498fa5100a876815476b81fd1a2412a http://support.apple.com/kb/HT5934 http://support.apple.com/kb/HT6001 http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf http://xmlsoft.org/news.html https://blogs.oracle.com/sunsecurity/entry/cve_2012_0841_denial_of Common Vulnerability Exposure (CVE) ID: CVE-2012-5134 BugTraq ID: 56684 http://www.securityfocus.com/bid/56684 Debian Security Information: DSA-2580 (Google Search) http://www.debian.org/security/2012/dsa-2580 RedHat Security Advisories: RHSA-2012:1512 http://rhn.redhat.com/errata/RHSA-2012-1512.html http://www.securitytracker.com/id?1027815 http://secunia.com/advisories/51448 SuSE Security Announcement: openSUSE-SU-2012:1637 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00004.html SuSE Security Announcement: openSUSE-SU-2013:0178 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00023.html http://www.ubuntu.com/usn/USN-1656-1 XForce ISS Database: google-libxml-buffer-underflow(80294) https://exchange.xforce.ibmcloud.com/vulnerabilities/80294
Copyright	Copyright (C) 2015 Greenbone AG