이 콘텐츠는 선택한 언어로 제공되지 않습니다.

4.58. libxml2


Updated libxml2 packages that fix two bugs are now available for Red Hat Enterprise Linux 5.
The libxml2 software library is used to manipulate XML files. It includes support to read, modify and write XML and HTML files. It is also the basis for the libxslt library which processes XSLT-1.0 stylesheets.

Bug Fixes

BZ#915350
Due to errors in the internal regular expression support, libxml2 sometimes failed when validating XMLs with certain XSD and Relax-NG files. Currently, the relaxng and xmlregexp codes are modified and libxml2 can now validate XMLs with those specific XSD and Relax-NG files.
BZ#915837
Previously, an internal routine xmlDOMWrapCloneNode would fail to preserve the namespace of an XML element being copied, which caused the namespace of the parameter node to be omitted from the copy. With this update, the problem no longer occurs.
Users of libxml2 parser are advised to upgrade to these updated packages, which fix these bugs.
Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,is available from the CVE link associated with the description below.
The libxml2 library is a development toolbox providing the implementation of various XML standards.

Security Fix

CVE-2013-0338
A denial of service flaw was found in the way libxml2 performed string substitutions when entity values for entity references replacement was enabled. A remote attacker could provide a specially-crafted XML file that, when processed by an application linked against libxml2, would lead to excessive CPU consumption.
All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect.
Updated libxml2 packages that fix one bug are now available for Red Hat Enterprise Linux 5.
The libxml2 software library is used to manipulate XML files. Among the operations allowed, it can validate XML files against XML Schematics.

Bug Fix

BZ#987321
This update fixes a regression that was introduced by the RHBA-2013:0591 advisory. This regression added a flaw in the XML schema compilation process. This flaw caused libxml2 to fail to compile some XML schemas, indicating that they had a non-deterministic content model. The broken code is now fixed, so libxml2 can compile those schemas and validate XMLs as expected.
Users of libxml2 are advised to upgrade to these updated packages, which fix this regression. The desktop must be restarted (log out, then log back in) for this update to take effect.
Red Hat logoGithubRedditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

© 2024 Red Hat, Inc.