Upstream information

CVE-2013-2877 at MITRE

Description

parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.96
Vector AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entries: 828893 [RESOLVED / FIXED], 829077 [RESOLVED / FIXED], 854869 [RESOLVED / FIXED], 877506 [VERIFIED / INVALID]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP2
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-32bit >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
Patchnames:
sledsp2-libxml2
SUSE Linux Enterprise Desktop 11 SP3
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-32bit >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
Patchnames:
sledsp3-libxml2
SUSE Linux Enterprise Server 11 SP1-LTSS
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-32bit >= 2.7.6-0.25.1
  • libxml2-doc >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
Patchnames:
slessp1-libxml2
SUSE Linux Enterprise Server 11 SP2
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-32bit >= 2.7.6-0.25.1
  • libxml2-doc >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
  • libxml2-x86 >= 2.7.6-0.25.1
Patchnames:
slessp2-libxml2
SUSE Linux Enterprise Server 11 SP3
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-32bit >= 2.7.6-0.25.1
  • libxml2-doc >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
  • libxml2-x86 >= 2.7.6-0.31.1
Patchnames:
slessp3-libxml2
SUSE Linux Enterprise Server 11 SP4
  • libxml2 >= 2.7.6-0.31.1
  • libxml2-32bit >= 2.7.6-0.31.1
  • libxml2-doc >= 2.7.6-0.31.1
  • libxml2-x86 >= 2.7.6-0.31.1
Patchnames:
SUSE Linux Enterprise Server 11 SP4 GA libxml2
SUSE Linux Enterprise Server for VMWare 11 SP2
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-32bit >= 2.7.6-0.25.1
  • libxml2-doc >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
  • libxml2-x86 >= 2.7.6-0.25.1
Patchnames:
slessp2-libxml2
SUSE Linux Enterprise Server for VMWare 11 SP3
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-32bit >= 2.7.6-0.25.1
  • libxml2-doc >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
  • libxml2-x86 >= 2.7.6-0.31.1
Patchnames:
slessp3-libxml2
SUSE Linux Enterprise Software Development Kit 11 SP2
  • libxml2-devel >= 2.7.6-0.25.1
  • libxml2-devel-32bit >= 2.7.6-0.25.1
Patchnames:
sdksp2-libxml2
SUSE Linux Enterprise Software Development Kit 11 SP3
  • libxml2-devel >= 2.7.6-0.25.1
  • libxml2-devel-32bit >= 2.7.6-0.25.1
Patchnames:
sdksp3-libxml2
SUSE Linux Enterprise Software Development Kit 11 SP4
  • libxml2-devel >= 2.7.6-0.31.1
  • libxml2-devel-32bit >= 2.7.6-0.31.1
Patchnames:
SUSE Linux Enterprise Software Development Kit 11 SP4 GA libxml2-devel
SUSE Linux Enterprise Server 11 SP1 LTSS
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-doc >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8715
SUSE Linux Enterprise Server 11 SP1 LTSS
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-32bit >= 2.7.6-0.25.1
  • libxml2-doc >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8715
SUSE Linux Enterprise Software Development Kit 11 SP3
  • libxml2-devel >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8714
SUSE Linux Enterprise Software Development Kit 11 SP3
  • libxml2-devel >= 2.7.6-0.25.1
  • libxml2-devel-32bit >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8714
SUSE Linux Enterprise Desktop 11 SP3
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8714
SUSE Linux Enterprise Desktop 11 SP3
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-32bit >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8714
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-doc >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8714
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-32bit >= 2.7.6-0.25.1
  • libxml2-doc >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8714
SUSE Linux Enterprise Server 11 SP3
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-doc >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
  • libxml2-x86 >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8714
SUSE Linux Enterprise Software Development Kit 11 SP2
  • libxml2-devel >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8713
SUSE Linux Enterprise Software Development Kit 11 SP2
  • libxml2-devel >= 2.7.6-0.25.1
  • libxml2-devel-32bit >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8713
SUSE Linux Enterprise Desktop 11 SP2
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8713
SUSE Linux Enterprise Desktop 11 SP2
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-32bit >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8713
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-doc >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8713
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-32bit >= 2.7.6-0.25.1
  • libxml2-doc >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8713
SUSE Linux Enterprise Server 11 SP2
  • libxml2 >= 2.7.6-0.25.1
  • libxml2-doc >= 2.7.6-0.25.1
  • libxml2-python >= 2.7.6-0.25.1
  • libxml2-x86 >= 2.7.6-0.25.1
Builds
SAT Patch Nr: 8713
SUSE Linux Enterprise Server 10 SP3 LTSS for x86
  • libxml2 >= 2.6.23-15.39.1
  • libxml2-devel >= 2.6.23-15.39.1
  • libxml2-python >= 2.6.23-15.39.1
Builds
ZYPP Patch Nr: 8714
SUSE Linux Enterprise Server 10 SP3 LTSS for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP3 LTSS for IBM zSeries 64bit
  • libxml2 >= 2.6.23-15.39.1
  • libxml2-32bit >= 2.6.23-15.39.1
  • libxml2-devel >= 2.6.23-15.39.1
  • libxml2-devel-32bit >= 2.6.23-15.39.1
  • libxml2-python >= 2.6.23-15.39.1
Builds
ZYPP Patch Nr: 8714
SUSE Linux Enterprise Server 10 SP4 LTSS for x86
  • libxml2 >= 2.6.23-15.39.1
  • libxml2-devel >= 2.6.23-15.39.1
  • libxml2-python >= 2.6.23-15.39.1
Builds
ZYPP Patch Nr: 8716
SUSE Linux Enterprise Server 10 SP4 LTSS for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP4 LTSS for IBM zSeries 64bit
  • libxml2 >= 2.6.23-15.39.1
  • libxml2-32bit >= 2.6.23-15.39.1
  • libxml2-devel >= 2.6.23-15.39.1
  • libxml2-devel-32bit >= 2.6.23-15.39.1
  • libxml2-python >= 2.6.23-15.39.1
Builds
ZYPP Patch Nr: 8716
openSUSE Evergreen 11.4
  • libxml2 >= 2.7.8-45.1
  • libxml2-32bit >= 2.7.8-45.1
  • libxml2-debuginfo >= 2.7.8-45.1
  • libxml2-debuginfo-32bit >= 2.7.8-45.1
  • libxml2-debuginfo-x86 >= 2.7.8-45.1
  • libxml2-debugsource >= 2.7.8-45.1
  • libxml2-devel >= 2.7.8-45.1
  • libxml2-devel-32bit >= 2.7.8-45.1
  • libxml2-doc >= 2.7.8-45.1
  • libxml2-x86 >= 2.7.8-45.1
Patchnames:
2013-114
openSUSE Tumbleweed
  • ruby2.2-rubygem-nokogiri >= 1.6.8.1-1.3
  • ruby2.2-rubygem-nokogiri-doc >= 1.6.8.1-1.3
  • ruby2.2-rubygem-nokogiri-testsuite >= 1.6.8.1-1.3
  • ruby2.3-rubygem-nokogiri >= 1.6.8.1-1.3
  • ruby2.3-rubygem-nokogiri-doc >= 1.6.8.1-1.3
  • ruby2.3-rubygem-nokogiri-testsuite >= 1.6.8.1-1.3
Patchnames:
openSUSE Tumbleweed GA ruby2.2-rubygem-nokogiri