Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » RHSA-2012:0324-01

Overview

Id RHSA-2012:0324-01
Name Red Hat 2012:0324-01 RHSA Moderate: libxml2 security update for RHEL 5 x86
Vendor Name red_hat
Product None
Content Type Critical Critical
Language(s)
Operating System(s) Linux 
Released On 21 Feb 2012 12:00:00

RHSA-2012:0324-01

Red Hat 2012:0324-01 RHSA Moderate: libxml2 security update for RHEL 5 x86

Vendor Name

red_hat

Product

None

Released On

21 Feb 2012 12:00:00

Url

https://rhn.redhat.com/errata/RHSA-2012-0324.html

Description

LSAC(v2)
The libxml2 library is a development toolbox providing the implementation of various XML standards. It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially-crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841) All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.

Related Resources

Related Vulnerabilities

CVE-2012-0841  

Related Patches

Superseded Patches


Last Updated: 27 May 2016 11:12:45