Bug 645341 (CVE-2010-4008)
Summary: | CVE-2010-4008 libxml2: Crash (stack frame overflow or NULL pointer dereference) by traversal of XPath axis
---|---
Product: | [Other] Security Response
Component: | vulnerability
Reporter: | Jan Lieskovsky <jlieskov>
Assignee: | Red Hat Product Security <security-response-team>
Status: | CLOSED ERRATA
Severity: | low
Priority: | low
Version: | unspecified
CC: | bressers, ohudlick, security-response-team, vdanen, veillard
Keywords: | Reopened, Security
Hardware: | All
OS: | Linux
Fixed In Version: | libxml2 2.7.8
Doc Type: | Bug Fix
Last Closed: | 2017-09-18 20:06:00 UTC
Bug Depends On: | 652056, 710397, 771906, 771907, 820846, 833934, 891477, 891478
Bug Blocks: | 734217, 734221, 771915, 891480
Description
Jan Lieskovsky
2010-10-21 10:57:57 UTC
This issue did NOT affect the versions of the libxml and libxml2 package, as shipped with Red Hat Enterprise Linux 3.

This issue did NOT affect the version of the libxml2 package, as shipped with Red Hat Enterprise Linux 4.

This issue affects the version of the libxml2 package, as shipped with Red Hat Enterprise Linux 5.

--

This issue affects the versions of the libxml2 package, as shipped with Fedora release of 12 and 13.

The CVE identifier of CVE-2010-4008 has been assigned to this issue.

Statement:

This issue did not affect the versions of libxml and libxml2 as shipped with Red Hat Enterprise Linux 3, and it did not affect the version of libxml2 as shipped with Red Hat Enterprise Linux 4.

Created libxml2 tracking bugs for this issue

Affects: fedora-all [bug 652056]

This issue has been addressed in following products:

Red Hat Enterprise Linux 6

Via RHSA-2011:1749 https://rhn.redhat.com/errata/RHSA-2011-1749.html

This issue has been addressed in following products:

Red Hat Enterprise Linux 5

Via RHSA-2012:0017 https://rhn.redhat.com/errata/RHSA-2012-0017.html

This issue has been addressed in following products:

Red Hat Enterprise Linux 6

Via RHSA-2013:0217 https://rhn.redhat.com/errata/RHSA-2013-0217.html