First published: Tue Dec 05 2017(Updated: )
USN-3504-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/libxml2 | <2.7.8.dfsg-5.1ubuntu4.19 | 2.7.8.dfsg-5.1ubuntu4.19 |
=12.04 | ||
All of | ||
ubuntu/libxml2-utils | <2.7.8.dfsg-5.1ubuntu4.19 | 2.7.8.dfsg-5.1ubuntu4.19 |
=12.04 | ||
All of | ||
ubuntu/python-libxml2 | <2.7.8.dfsg-5.1ubuntu4.19 | 2.7.8.dfsg-5.1ubuntu4.19 |
=12.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of USN-3504-2 is CVE-2017-16932.
USN-3504-2 affects libxml2, libxml2-utils, and python-libxml2 packages on Ubuntu 12.04.
To fix the vulnerability in USN-3504-2, update the libxml2, libxml2-utils, and python-libxml2 packages to version 2.7.8.dfsg-5.1ubuntu4.19.
The severity of CVE-2017-16932 is not specified in the provided information.
You can find more information about USN-3504-2 on the Ubuntu Security Notices page: https://ubuntu.com/security/notices/USN-3504-2