Home | FAQ | Contact | Privacy Policy
US-CERT
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

 Other Documents
Technical Alerts

Technical Bulletins

Alerts

Security Tips

GNOME Project Information for VU#493966

Date Notified:
Date Updated:
Statement Date:
Status Summary:Vulnerable

Vendor Statement

Please see http://lists.gnome.org/archives/gnome-announce-list/2004-February/msg00051.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

ANNOUNCE: The GNOME XML toolkit 2.6.6

  • From: Daniel Veillard <veillard redhat com>
  • To: gnome-announce-list gnome org
  • Subject: ANNOUNCE: The GNOME XML toolkit 2.6.6
  • Date: Thu, 12 Feb 2004 12:28:49 -0500 (EST)

    Application
    ===========

    The GNOME XML toolkit 2.6.6

    Description
    ===========

    Libxml2 is the XML C parser and toolkit developed for the Gnome project
    (but usable outside of the Gnome platform).
    It also provides the xmllint XML/HTML processing tool.
    This release fix a potential security problem, people are advised to
    upgrade.

    Enhancements
    ============

    - Parsers: added xmlByteConsumed(ctxt) API to get the byte offest in
    input.
    - XInclude: allow the 2001 namespace without warning.
    - reader API: structured error reporting (Steve Ball)

    Fixes
    =====

    - nanohttp and nanoftp: buffer overflow error on URI parsing (Igor and
    William)
    reported by Yuuichi Teranishi
    - make test and path issues
    - xmlWriter attribute serialization (William Brack)
    - xmlWriter indentation (William)
    - schemas validation (Eric Haszlakiewicz)
    - XInclude dictionnaries issues (William and Oleg Paraschenko)
    - XInclude empty fallback (William)
    - HTML warnings (William)
    - XPointer in XInclude (William)
    - Python namespace serialization
    - isolat1ToUTF8 bound error (Alfred Mickautsch)
    - output of parameter entities in internal subset (William)
    - internal subset bug in push mode
    - <xs:all> fix (Alexey Sarytchev)
    - Build: fix for automake-1.8 (Alexander Winston)
    warnings removal (Philip Ludlam)
    SOCKLEN_T detection fixes (Daniel Richard)
    fix --with-minimum configuration.
    - Documentation: missing example/index.html (John Fleck)
    version dependancies (John Fleck)
    - Windows compilation: mingw, msys (Mikhail Grushinskiy),
    function prototype (Cameron Johnson),
    MSVC6 compiler warnings,
    _WINSOCKAPI_ patch

    Download
    ========

    ftp://xmlsoft.org/

    Website
    =======

    http://xmlsoft.org/

    GNOME Software Map entry
    ========================

    http://www.gnome.org/softwaremap/projects/libxml

    If you have feedback, comments, or additional information about this vulnerability, please send us email.
     

Produced 2009 by US-CERT, a government organization
Disclaimers and copyright information