CVE-2011-2821
Priority
Low
Description
Double free vulnerability in libxml2, as used in Google Chrome before
13.0.782.215, allows remote attackers to cause a denial of service or
possibly have unspecified other impact via a crafted XPath expression.
13.0.782.215, allows remote attackers to cause a denial of service or
possibly have unspecified other impact via a crafted XPath expression.
References
Notes
mdeslaur> debian says it's
mdeslaur> http://git.gnome.org/browse/libxml2/commit/?id=fec31bcd452e77c10579467ca87a785b41115de6
jdstrand> patch too risky for Ubuntu 8.04 LTS
mdeslaur> http://git.gnome.org/browse/libxml2/commit/?id=fec31bcd452e77c10579467ca87a785b41115de6
jdstrand> patch too risky for Ubuntu 8.04 LTS
Assigned-to
jdstrand
Package
| Upstream: | released (2.7.8.dfsg-5) |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (2.7.6.dfsg-1ubuntu1.3) |
| Ubuntu 10.10 (Maverick Meerkat): | released (2.7.7.dfsg-4ubuntu0.3) |
| Ubuntu 11.04 (Natty Narwhal): | released (2.7.8.dfsg-2ubuntu0.2) |
| Ubuntu 11.10 (Oneiric Ocelot): | released (2.7.8.dfsg-4ubuntu0.1) |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (2.7.8.dfsg-5) |
Patches:
| Upstream: | http://git.gnome.org/browse/libxml2/commit/?id=f5048b3e71fc30ad096970b8df6e7af073bae4cb |
| Upstream: | http://git.gnome.org/browse/libxml2/commit/?id=fec31bcd452e77c10579467ca87a785b41115de6 |
Package
| Upstream: | released (13.0.782.215) |
| Ubuntu 8.04 LTS (Hardy Heron): | DNE |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (14.0.835.202~r103287-0ubuntu0.10.04.2) |
| Ubuntu 10.10 (Maverick Meerkat): | released (14.0.835.202~r103287-0ubuntu0.10.10.1) |
| Ubuntu 11.04 (Natty Narwhal): | released (14.0.835.202~r103287-0ubuntu0.11.04.1) |
| Ubuntu 11.10 (Oneiric Ocelot): | not-affected (13.0.782.215~r97094-0ubuntu1) |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (13.0.782.215~r97094-0ubuntu1) |