Juraj Somorovsky discovered that libxml2 was vulnerable to hash table collisions. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause a denial of service. Updated packages are available from security.ubuntu.com.
========================================================================== Ubuntu Security Notice USN-1376-1 February 27, 2012 libxml2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS Summary: libxml2 could be made to cause a denial of service by consuming excessive CPU resources. Software Description: - libxml2: GNOME XML library Details: Juraj Somorovsky discovered that libxml2 was vulnerable to hash table collisions. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: libxml2 2.7.8.dfsg-4ubuntu0.2 Ubuntu 11.04: libxml2 2.7.8.dfsg-2ubuntu0.3 Ubuntu 10.10: libxml2 2.7.7.dfsg-4ubuntu0.4 Ubuntu 10.04 LTS: libxml2 2.7.6.dfsg-1ubuntu1.4 Ubuntu 8.04 LTS: libxml2 2.6.31.dfsg-2ubuntu1.8 After a standard system update you need to reboot your computer to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1376-1 CVE-2012-0841 Package Information: https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-4ubuntu0.2 https://launchpad.net/ubuntu/+source/libxml2/2.7.8.dfsg-2ubuntu0.3 https://launchpad.net/ubuntu/+source/libxml2/2.7.7.dfsg-4ubuntu0.4 https://launchpad.net/ubuntu/+source/libxml2/2.7.6.dfsg-1ubuntu1.4 https://launchpad.net/ubuntu/+source/libxml2/2.6.31.dfsg-2ubuntu1.8