Security Advisory Low: libxml2 security and bug fix update

Advisory: RHSA-2011:1749-3
Type: Security Advisory
Severity: Low
Issued on: 2011-12-06
Last updated on: 2011-12-06
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2010-4008
CVE-2010-4494
CVE-2011-0216
CVE-2011-1944
CVE-2011-2821
CVE-2011-2834

Details

Updated libxml2 packages that fix several security issues and various bugs
are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

The libxml2 library is a development toolbox providing the implementation
of various XML standards. One of those standards is the XML Path Language
(XPath), which is a language for addressing parts of an XML document.

An off-by-one error, leading to a heap-based buffer overflow, was found in
the way libxml2 parsed certain XML files. A remote attacker could provide
a specially-crafted XML file that, when opened in an application linked
against libxml2, would cause the application to crash or, potentially,
execute arbitrary code with the privileges of the user running the
application. (CVE-2011-0216)

An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way libxml2 parsed certain XPath expressions. If an attacker
were able to supply a specially-crafted XML file to an application using
libxml2, as well as an XPath expression for that application to run against
the crafted file, it could cause the application to crash or, possibly,
execute arbitrary code. (CVE-2011-1944)

Multiple flaws were found in the way libxml2 parsed certain XPath
expressions. If an attacker were able to supply a specially-crafted XML
file to an application using libxml2, as well as an XPath expression for
that application to run against the crafted file, it could cause the
application to crash. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821,
CVE-2011-2834)

Note: Red Hat does not ship any applications that use libxml2 in a way that
would allow the CVE-2011-1944, CVE-2010-4008, CVE-2010-4494, CVE-2011-2821,
and CVE-2011-2834 flaws to be exploited; however, third-party applications
may allow XPath expressions to be passed which could trigger these flaws.

Red Hat would like to thank the Google Security Team for reporting the
CVE-2010-4008 issue. Upstream acknowledges Bui Quang Minh from Bkis as the
original reporter of CVE-2010-4008.

This update also fixes the following bugs:

* A number of patches have been applied to harden the XPath processing code
in libxml2, such as fixes for memory leaks, rounding errors, XPath number
evaluation, and a potential error in encoding conversion. (BZ#732335)

All users of libxml2 are advised to upgrade to these updated packages,
which contain backported patches to correct these issues. The desktop must
be restarted (log out, then log back in) for this update to take effect.
Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
libxml2-2.7.6-4.el6.src.rpm
File outdated by:  RHBA-2013:1737
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
libxml2-2.7.6-4.el6.src.rpm
File outdated by:  RHBA-2013:1737
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
libxml2-2.7.6-4.el6.src.rpm
File outdated by:  RHBA-2013:1737
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
libxml2-2.7.6-4.el6.src.rpm
File outdated by:  RHBA-2013:1737
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

645341 - CVE-2010-4008 libxml2: Crash (stack frame overflow or NULL pointer dereference) by traversal of XPath axis
665963 - CVE-2010-4494 libxml2: double-free in XPath processing code
709747 - CVE-2011-1944 libxml, libxml2: Heap-based buffer overflow by adding new namespace node to an existing nodeset or merging nodesets
724906 - CVE-2011-0216 libxml2: Off-by-one error leading to heap-based buffer overflow in encoding
732335 - Fix various problems and harden the XPath evaluation engine
735712 - CVE-2011-2821 libxml2: double free caused by malformed XPath expression in XSLT
735751 - CVE-2011-2834 libxml2: double-free caused by malformed XPath expression in XSLT

References

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/