[CLSA-2023:1696537106] libxml2: Fix of 5 CVEs
Type:
security
Severity:
Important
Release date:
2023-10-05
Description:
- CVE-2021-3517: fix flaw in the xml entity encoding - CVE-2021-3518: fix dangling pointers in entity reference nodes - CVE-2022-23308: fix use-after-free of ID and IDREF attributes - CVE-2022-40303: fix integer counters overflow when parsing a multi-gigabyte XML - CVE-2022-40304: fix double free as a result of an invalid XML entity - fix testapi.c to avoid false positive test errors - fix a parser and fix a null pointer dereference
Updated packages:
  • libxml2-2.9.1-6.el7_9.6.tuxcare.els1.i686.rpm
    sha:8b71b0db977448bbdda9dd955d0c9cde68331999
  • libxml2-2.9.1-6.el7_9.6.tuxcare.els1.x86_64.rpm
    sha:b966212b8ff87a83e3d4516bd2b06bc2a1e374a4
  • libxml2-devel-2.9.1-6.el7_9.6.tuxcare.els1.i686.rpm
    sha:ef815c5e75c65301daae8033cc2541d06cec16da
  • libxml2-devel-2.9.1-6.el7_9.6.tuxcare.els1.x86_64.rpm
    sha:ca97c5fb9e5353e51f2eb285d41d04fed94e1fd1
  • libxml2-python-2.9.1-6.el7_9.6.tuxcare.els1.x86_64.rpm
    sha:f3dc45d5d820029a8bfd62b93afdeaa5c8a84d80
  • libxml2-static-2.9.1-6.el7_9.6.tuxcare.els1.i686.rpm
    sha:ecbcc180a370e2d9a6122cb4f49e07a05bd9b5b8
  • libxml2-static-2.9.1-6.el7_9.6.tuxcare.els1.x86_64.rpm
    sha:f25767e14a196f3e7e69504cb8087fb0c4b2c8bd
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.