VMware Security Advisory - Updated ESX patches address an issue loading corrupt virtual disks and update Service Console packages for net-snmp and libxml2.
0e7b91107741d71e6675c0f2c159e51f653f073c37b9efdcb9785268746062c4
Gentoo Linux Security Advisory GLSA 200812-06 - Multiple vulnerabilities in libxml2 might lead to execution of arbitrary code or Denial of Service. Versions less than 2.7.2-r1 are affected.
afea399183d7e4bf5793e6c11d39e7d05e10783db16546041be89900723e4205
Mandriva Linux Security Advisory 2008-231 - Drew Yaro of the Apple Product Security Team found two flaws in libxml2. The first is a denial of service flaw in libxml2's XML parser. If an application linked against libxml2 were to process certain malformed XML content, it cause the application to enter an infinite loop. The second is an integer overflow that caused a heap-based buffer overflow in libxml2's XML parser. If an application linked against libxml2 were to process certain malformed XML content, it could cause the application to crash or possibly execute arbitrary code. The updated packages have been patched to correct these issues.
7413d96099e6e8bf2e438e2347de0fdef4b3853b5f304fdd946d81861cdc2526
Ubuntu Security Notice USN-673-1 - Drew Yao discovered that libxml2 did not correctly handle certain corrupt XML documents. If a user or automated system were tricked into processing a malicious XML document, a remote attacker could cause applications linked against libxml2 to enter an infinite loop, leading to a denial of service. Drew Yao discovered that libxml2 did not correctly handle large memory allocations. If a user or automated system were tricked into processing a very large XML document, a remote attacker could cause applications linked against libxml2 to crash, leading to a denial of service.
14aa962cd967df79c253c644c2c8828edaaf504811b1f094c29778d229459c52
Debian Security Advisory 1666-1 - Several vulnerabilities have been discovered in the GNOME XML library.
064f38eb88ea26a817466095e1b24a56f4b59230023f2ebed8afe3093a55b66d