CVE-2012-2871
Publication date 31 August 2012
Last updated 24 July 2024
Ubuntu priority
libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.
Status
Package | Ubuntu Release | Status |
---|---|---|
chromium-browser | 12.10 quantal |
Fixed 3.0.1271.97-0ubuntu0.12.10.1
|
12.04 LTS precise |
Fixed 3.0.1271.97-0ubuntu0.12.04.1
|
|
11.10 oneiric |
Fixed 3.0.1271.97-0ubuntu0.11.10.1
|
|
11.04 natty | Ignored end of life | |
10.04 LTS lucid |
Fixed 3.0.1271.97-0ubuntu0.10.04.1
|
|
8.04 LTS hardy | Not in release | |
libxslt | 12.10 quantal |
Not affected
|
12.04 LTS precise |
Fixed 1.1.26-8ubuntu1.2
|
|
11.10 oneiric |
Fixed 1.1.26-7ubuntu0.1
|
|
11.04 natty |
Fixed 1.1.26-6ubuntu0.1
|
|
10.04 LTS lucid |
Fixed 1.1.26-1ubuntu1.1
|
|
8.04 LTS hardy |
Fixed 1.1.22-1ubuntu1.3
|
References
Related Ubuntu Security Notices (USN)
- USN-1595-1
- libxslt vulnerabilities
- 4 October 2012