Summary
The remote host is missing an update to libxml
announced via advisory FEDORA-2009-8594.
Solution
Apply the appropriate updates.
This update can be installed with the yum update program. Use su -c 'yum update libxml' at the command line.
For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8594
Insight
This library allows old Gnome-1 applications to manipulate XML files.
Update Information:
This update includes patches from RHEL-3 addressing a number of security vulnerabilities:
- CVE-2004-0110 (arbitrary code execution via a long URL) - CVE-2004-0989 (arbitrary code execution via a long URL) - CVE-2009-2414 (stack consumption DoS vulnerabilities) - CVE-2009-2416 (use-after-free DoS vulnerabilities)
ChangeLog:
* Wed Aug 12 2009 Paul Howarth 1:1.8.17-24
- renumber existing patches to free up low-numbered patches for EL-3 patches - add patch for CAN-2004-0110 and CAN-2004-0989 (#139090) - add patch for CVE-2009-2414 and CVE-2009-2416 (#515195, #515205) * Sat Jul 25 2009 Fedora Release Engineering 1:1.8.17-23 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Mon Apr 20 2009 Paul Howarth 1:1.8.17-22
- rebuild for %{_isa} provides/requires
* Wed Feb 25 2009 Fedora Release Engineering 1:1.8.17-21 - rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
References
Severity
Classification
-
CVE CVE-2004-0110, CVE-2004-0989, CVE-2009-2414, CVE-2009-2416 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities