CVE-2012-0841
Published: 22 February 2012
libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data.
Priority
Status
Package | Release | Status |
---|---|---|
libxml2 Launchpad, Ubuntu, Debian |
hardy |
Released
(2.6.31.dfsg-2ubuntu1.8)
|
lucid |
Released
(2.7.6.dfsg-1ubuntu1.4)
|
|
maverick |
Released
(2.7.7.dfsg-4ubuntu0.4)
|
|
natty |
Released
(2.7.8.dfsg-2ubuntu0.3)
|
|
oneiric |
Released
(2.7.8.dfsg-4ubuntu0.2)
|
|
upstream |
Needs triage
|
|
Patches: other: http://git.gnome.org/browse/libxml2/commit/?id=8973d58b7498fa5100a876815476b81fd1a2412a vendor: http://www.debian.org/security/2012/dsa-2417 vendor: https://rhn.redhat.com/errata/RHSA-2012-0324.html |