Bug 12566 - libxml2: CVE-2011-2834 DoS via double free in XPath handling
: libxml2: CVE-2011-2834 DoS via double free in XPath handling
Status: RESOLVED FIXED
Product: Maemo 5 Community SSU
general
: testing
: N900 Maemo
: Unspecified major (vote)
: ---
Assigned To: unassigned
: general
:
: patch, security
:
:
  Show dependency tree
 
Reported: 2012-01-28 20:07 UTC by Andre Klapper
Modified: 2012-04-07 20:05 UTC (History)
1 user (show)

See Also:


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description Andre Klapper (reporter) maemo.org 2012-01-28 20:07:05 UTC
SOFTWARE VERSION:
21.2011.38-1Tmaemo1.2 (17.01.2012)
libxml2 2.6.32.dfsg-5maemo4+0m5 as officially shipped

EXACT STEPS LEADING TO PROBLEM:
https://bugzilla.gnome.org/show_bug.cgi?id=668859

PATCH:
See https://bugzilla.gnome.org/show_bug.cgi?id=668859
Comment 1 Christian Ratzenhofer 2012-04-07 20:05:21 UTC
This has been fixed for the Community SSU Updates in package
libxml2 (2.6.32.dfsg-5maemo4+0m5+0cssu0)
which is part of the build version
21.2011.38-1Tmaemo3
(Note: 21.2011.38-1is the latest official Nokia version.
The number after it indicates the Community SSU release version.)

Commit:
https://gitorious.org/community-ssu/libxml2/commit/09975752fa14b0853daa8c1f0518810cbb12cb69

For more information about Community SSU please see
http://wiki.maemo.org/Community_SSU