Pointer use-after-free flaws were found in libxml by parsing Notation and Enumeration attribute types. A remote attacker could provide a specially-crafted XML file, which, once opened by a local, unsuspecting user, would lead to denial of service (application crash).
The 3 patches for libxml2 in RHEL-3/4/5 were attached to #515195. Daniel
libxml2-2.7.3-3.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/libxml2-2.7.3-3.fc11
libxml2-2.7.3-2.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/libxml2-2.7.3-2.fc10
Richard, could you schedule the mingw32-libxml2 Fedora updates? Thanks, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
This issue has been addressed in the following products: Red Hat Enterprise Linux 3, Red Hat Enterprise Linux 4, Red Hat Enterprise Linux 5. Via RHSA-2009:1206 https://rhn.redhat.com/errata/RHSA-2009-1206.html
libxml2-2.7.3-2.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
libxml2-2.7.3-3.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
libxml-1.8.17-24.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/libxml-1.8.17-24.fc11
libxml-1.8.17-24.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/libxml-1.8.17-24.fc10
mingw32-libxml2-2.7.3-2.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/mingw32-libxml2-2.7.3-2.fc11
mingw32-libxml2-2.7.3-2.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
libxml-1.8.17-24.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
libxml-1.8.17-24.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.