libxml2: Multiple vulnerabilities Multiple vulnerabilities have been found in libxml2, allowing remote attackers to execute arbitrary code or cause Denial of Service. libxml2 2013-11-10 2013-11-10 434344 444836 458430 458740 466238 476438 remote 2.9.1-r1 2.9.1-r1

libxml2 is the XML C parser and toolkit developed for the Gnome project.

Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details.

A remote attacker could entice a user to open a specially crafted document with an application linked against libxml2, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.

There is no known workaround at this time.

All libxml2 users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.9.1-r1" CVE-2012-2871 CVE-2012-5134 CVE-2013-0338 CVE-2013-1664 CVE-2013-1969 CVE-2013-2877 ackle ackle