Scientific Linux Security Update : libxml2 on SL5.x, SL6.x i386/x86_64
Medium Nessus Plugin ID 64964
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionA denial of service flaw was found in the way libxml2 performed string substitutions when entity values for entity references replacement was enabled. A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, would lead to excessive CPU consumption. (CVE-2013-0338)
The desktop must be restarted (log out, then log back in) for this update to take effect.
SolutionUpdate the affected packages.