[CLSA-2026:1783340079] libxml2: Fix of CVE-2026-11979
Type:
security
Severity:
Important
Release date:
2026-07-06 12:14:55 UTC
Description:
- CVE-2026-11979: add bounds checks in xmlcatalog --shell usershell() to prevent stack buffer overflows when parsing overly long command lines
CVEs fixed:
Updated packages:
  • libxml2-2.9.1-6.amzn2.5.24.tuxcare.els3.i686.rpm
    sha:0b0cface688e0eaed3a44224df1a2b096e7c7cc1b17b679817c269dc349c6fcf
  • libxml2-2.9.1-6.amzn2.5.24.tuxcare.els3.x86_64.rpm
    sha:56c34df6b01018c5e84efebaf1a5ace0435f0be9123c8a4c4b01442711b830bf
  • libxml2-devel-2.9.1-6.amzn2.5.24.tuxcare.els3.x86_64.rpm
    sha:ecaf688e01f2d5105e9528f5567a9c85b0b4a5c3d1896167d92ba94a2d1aedb7
  • libxml2-python-2.9.1-6.amzn2.5.24.tuxcare.els3.x86_64.rpm
    sha:bf81291523deead7c63f410fc36b1661eeb872532debe8d4b3657c704df9acd8
  • libxml2-static-2.9.1-6.amzn2.5.24.tuxcare.els3.x86_64.rpm
    sha:8d5f34763148f49cd3cd625877b8a915fa5fdb1d5d134b4c983557a357ad4b30
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.