Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: libxml security fix from apple ... any information?
From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Fri, 29 Jul 2011 09:57:24 +0530

On 07/28/2011 06:52 PM, Marcus Meissner wrote:
Hi folks, Billy, Daniel,

On
http://support.apple.com/kb/HT4808
there is a libxml security issue listed:

-----------------------------------------
libxml

Available for: Windows 7, Vista, XP SP2 or later

Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code 
execution

Description: A one-byte heap buffer overflow existed in libxml's handling of XML data. Visiting a maliciously crafted 
website may lead to an unexpected application termination or arbitrary code execution.

CVE-ID

CVE-2011-0216 : Billy Rios of the Google Security Team
-----------------------------------------

I suspect this is libxml2 and it likely also affects Linux?

If this is correct, could you identify the commit fixing this issue?


As far as i know, this does not affect linux


-- 
Huzaifa Sidhpurwala / Red Hat Security Response Team


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]