Debian security update DSA-1631-1
Date Reported:
22 Aug 2008
Affected Packages:
libxml2
Vulnerable:
Yes
Security database references:
In Mitre’s CVE dictionary: CVE-2008-3281.
More information:
Andreas Solberg discovered that libxml2, the GNOME XML library, could be forced to recursively evaluate entities, until available CPU & memory resources were exhausted.
For the stable distribution (etch), this problem has been fixed in version 2.6.27.dfsg-3.
For the unstable distribution (sid), this problem will be [...]
•