Fedora 15 : libxml-1.8.17-27.fc15 (2011-7820)
High Nessus Plugin ID 55492
SynopsisThe remote Fedora host is missing a security update.
DescriptionThis update addresses CVE-2011-1944 (heap-based buffer overflow by adding a new namespace node to an existing nodeset or merging nodesets). It is described in detail at http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-an d-interesting.html
It also fixes the broken xpath implementation, which was crashing in the regression test suite on 32-bit architectures and failing some of the tests on all architectures.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected libxml package.