Security Updates for Ubuntu 9.04 Jaunty Jackalope

Versione 7.18.2-8ubuntu4.1:

* SECURITY UPDATE: SSL cert hostname checking bypass with NULL byte.
- add debian/patches/cert-null-cn.patch: backported upstream changes.
- CVE-2009-2417
SSL support is provided by GnuTLS. This is the shared version of libcurl.

Versione 2.6.32.dfsg-5ubuntu4.2:

* SECURITY UPDATE: denial of service via stack overflow from crafted
root XML document element DTD definition
- parser.c: validate ctxt->depth isn't too deep
- CVE-2009-2414
* SECURITY UPDATE: denial of service via use-after-frees when parsing
Notation and Enumeration attribute types
- parser.c: use xmlFreeEnumeration before returning.
- CVE-2009-2416
* SECURITY UPDATE: heap overflow in entity name parsing
- parser.c: reintroduce the security fix for CVE-2008-3529 that got
lost somehow
- CVE-2008-3529

This package provides a library providing an extensive API to handle such XML data files.

Versione 2.6.32.dfsg-5ubuntu4.2:

* SECURITY UPDATE: denial of service via stack overflow from crafted
root XML document element DTD definition
- parser.c: validate ctxt->depth isn't too deep
- CVE-2009-2414
* SECURITY UPDATE: denial of service via use-after-frees when parsing
Notation and Enumeration attribute types
- parser.c: use xmlFreeEnumeration before returning.
- CVE-2009-2416
* SECURITY UPDATE: heap overflow in entity name parsing
- parser.c: reintroduce the security fix for CVE-2008-3529 that got
lost somehow
- CVE-2008-3529

This package provides xmllint, a tool for validating and reformatting XML documents, and xmlcatalog, a tool to parse and manipulate XML or SGML catalog files.

This package contains the files needed to use the GNOME XML library in Python programs.

If you liked this article, subscribe to the feed by clicking the image below to keep informed about new contents of the blog:

Related Post 01/06 - Software Packages in Ubuntu 9.04 “Jaunty Jackalope”, Subsection Tex, Chapter II 01/06 - Software Packages in Ubuntu 9.04 “Jaunty Jackalope”, Subsection Tex, Chapter I 01/06 - FreiOr, minimalist plugin API for video effects, plugins collection 29/05 - The Best Free Header Blogger Resorces, Chapter III 29/05 - The Best Free Header Blogger Resorces, Chapter II 28/05 - The Best Free Header Blogger Resources, Chaper I 25/05 Amarok 2.1 beta 2 released 25/05 - Abakus, calculator for KDE 20/05 - Tecnorati AdEngage versus Google AdSense 01/05 – Scenari is an open source application suite for creating professional standar multimedia documents 01/05 – Boxe, you are now free to be entertained on a laptop or connected to an HDTV 01/05 – Aptana Jaxer is a open source Ajax web server for building rich web pages and applications 28/04 – Bogofilter is a email filter that classifies mail as spam 28/04 – An overview of the Minimo Project
	Linux Links 26/07 - mcdp is a small (maybe the smallest) cd-player for linux operating system 26/07 - amSynth stands for Analogue Modeling SYNTHesizer 1.2.2 released 23/07 - Anyevent Perl, Event based transparent Client Server RPC framework 18/06 - AlsaModularSynth and QT Audio & MIDI Tools 17/06 - Pulse Audio Volume Meter previously known as Polypaudio 17/06 - Aubio external for PureData 15/06 - 25 Reasons to Convert to Linux: Businesses, educational institutions, governmental agencies and other organizations 15/06 - Csound external for PureData 0.4.1 released 13/06 - pd-Zexy, for the Pd computer music system 13/06 - Amazons is a game played on a 10x10 chess board 13/06 - PeerCast for Linux is a simple, free way to listen to radio and watch video on the Internet 11/06 - Kernel Log: the 2.6.30 Kernel is Out 11/06 - Software Packages in Ubuntu 9.04 Jaunty Jackalope, Subsection electronics, Chapter II 01/06 - ZipSlack is a special edition of Slackware Linux that can be installed onto any FAT (or FAT32) filesystem with about 100 MB of free space

Do you consider this article interesting? Share it on your network of Twitter contacts, on your Facebook wall or simply press "+1" to suggest this result in searches in Google, Linkedin, Instagram or Pinterest. Spreading content that you find relevant helps this blog to grow. Thank you!

Share on Facebook Share on Twitter Share on Google Plus

About Hugo

Ubuntu is a Linux distribution that offers an operating system predominantly focused on desktop computers but also provides support for servers. Based on Debian GNU / Linux, Ubuntu focuses on ease of use, freedom in usage restriction, regular releases (every 6 months) and ease of installation.