Ubuntu
libxml2 package

denial of service bug in UTF-8 handling

Bug #181985 reported by scoder on 2008-01-11

262

	Status	Importance	Assigned to
libxml2 (Ubuntu)	Fix Released	High	Matthias Klose
Dapper	Fix Released	High	Kees Cook
Edgy	Fix Released	High	Kees Cook
Feisty	Fix Released	High	Kees Cook
Gutsy	Fix Released	High	Kees Cook
Hardy	Fix Released	High	Matthias Klose

Bug Description

Binary package hint: libxml2

Daniel Veillard reported a security relevant bug on the mailing list that facilitates DoS attacks.

http://mail.gnome.org/archives/xml/2008-January/msg00036.html

The patch is here:

http://veillard.com/libxml2.patch

Related branches

lp:ubuntu/karmic/libxml2

Pedro Villavicencio (pedro) on 2008-01-11

Changed in libxml2:
importance:	Undecided → High
status:	New → Triaged

Kees Cook (kees) on 2008-01-14

Changed in libxml2:
assignee:	nobody → keescook

Kees Cook (kees) on 2008-01-14

Changed in libxml2:
assignee:	nobody → keescook
importance:	Undecided → High
status:	New → Fix Committed
assignee:	nobody → keescook
importance:	Undecided → High
status:	New → Fix Committed
assignee:	nobody → keescook
importance:	Undecided → High
status:	New → Fix Committed
assignee:	nobody → keescook
importance:	Undecided → High
status:	New → Fix Committed

Revision history for this message

Kees Cook (kees) wrote on 2008-01-15:

Released as USN-569-1.

Changed in libxml2:
status:	Fix Committed → Fix Released
status:	Fix Committed → Fix Released
status:	Fix Committed → Fix Released
status:	Fix Committed → Fix Released

Revision history for this message

Launchpad Janitor (janitor) wrote on 2008-03-12:

This bug was fixed in the package libxml2 - 2.6.31.dfsg-2ubuntu1

---------------
libxml2 (2.6.31.dfsg-2ubuntu1) hardy; urgency=low

  * Merge with Debian; remaining changes:
    - debian/rules: create a udeb for debian-installer, correct libxml2-dev
      Depends to include zlib1g-dev.
    - Build a python-libxml2-dbg package.
    - Link using -Bsymbolic-functions.
  * Fixed: USN-569-1, denial of service bug in UTF-8 handling. LP: #181985.

libxml2 (2.6.31.dfsg-2) unstable; urgency=low

  * debian/rules: Brown paper bag: uncomment $(MAKE) distclean.
    Closes: #442656.
  * xstc/Makefile.am, xstc/Makefile.in: Properly clean generated files.
  * nanohttp.c: Apply fix from svn revision 3685 to allocate enough memory
    for the Host HTTP header when containing a port number. Closes: #464173.
  * error.c: Don't grow error buffer indefinitely when vsnprintf returns -1,
    which, if it happens, on glibc-based systems, will happen indefinitely.
    Closes: #456653.

-- Matthias Klose <email address hidden> Wed, 12 Mar 2008 10:25:35 +0000

Changed in libxml2:
status:	Triaged → Fix Released

Kees Cook (kees) on 2008-03-12

Changed in libxml2:
assignee:	keescook → doko

Report a bug

This report contains Public Security information

Everyone can see this security related information.

Duplicates of this bug

Bug #182810

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulibxml2 package