[El-errata] ELSA-2012-0324 Moderate: Oracle Linux 5 libxml2 security update

Fri Mar 9 15:29:14 PST 2012

Oracle Linux Security Advisory ELSA-2012-0324

https://rhn.redhat.com/errata/RHSA-2012-0324.html

The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

i386:
libxml2-2.6.26-2.1.15.0.1.el5_8.2.i386.rpm
libxml2-devel-2.6.26-2.1.15.0.1.el5_8.2.i386.rpm
libxml2-python-2.6.26-2.1.15.0.1.el5_8.2.i386.rpm

x86_64:
libxml2-2.6.26-2.1.15.0.1.el5_8.2.i386.rpm
libxml2-2.6.26-2.1.15.0.1.el5_8.2.x86_64.rpm
libxml2-devel-2.6.26-2.1.15.0.1.el5_8.2.i386.rpm
libxml2-devel-2.6.26-2.1.15.0.1.el5_8.2.x86_64.rpm
libxml2-python-2.6.26-2.1.15.0.1.el5_8.2.x86_64.rpm

ia64:
libxml2-2.6.26-2.1.15.0.1.el5_8.2.i386.rpm
libxml2-2.6.26-2.1.15.0.1.el5_8.2.ia64.rpm
libxml2-devel-2.6.26-2.1.15.0.1.el5_8.2.ia64.rpm
libxml2-python-2.6.26-2.1.15.0.1.el5_8.2.ia64.rpm

SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/libxml2-2.6.26-2.1.15.0.1.el5_8.2.src.rpm

Description of changes:

[2.6.26-2.1.15.0.1.el5_8.2]
- Add libxml2-enterprise.patch
- Replaced docs/redhat.gif in tarball with updated image

[2.6.26-2.1.15.el5_8.2]
- fix previous build to force compilation of randomization code
- Resolves: rhbz#788843

[2.6.26-2.1.15.el5_8.1]
- adds randomization to hash and dict structures CVE-2012-0841
- Resolves: rhbz#788843

[2.6.26-2.1.15.el5]
- Fix the semantic of XPath axis for namespace/attribute nodes CVE-2010-4008
- Fix an off by one error in encoding CVE-2011-0216
- Fix some potential problems on reallocation failures CVE-2011-1944
- Fix missing error status in XPath evaluation CVE-2011-2834
- Make sure the parser returns when getting a Stop order CVE-2011-3905
- Fix an allocation error when copying entities CVE-2011-3919.patch
- Resolves: rhbz#771907

[2.6.26-2.1.14]
- fix schemas validation of empty integer values (rhbz#743737)

[2.6.26-2.1.13]
- Fix a potential crasher in XPath or XSLT, CVE-2011-1944
- Resolves: rhbz#710395