[CLSA-2025:1752655171] libxml2: Fix of 3 CVEs
Type:
security
Severity:
Critical
Release date:
2025-07-16 08:39:36 UTC
Description:
- CVE-2025-49794: fix use-after-free issue triggered by processing certain elements in input XML file. - CVE-2025-49796: fix memory corruption issue triggered by processing certain sch:name elements in input XML file. - CVE-2025-6021: fix integer overflow in buffer size calculations to prevent stack-based buffer overflow
Updated packages:
  • libxml2-2.9.7-9.el8_4.2.tuxcare.els11.i686.rpm
    sha:9808df49775ee533795158174e376bb615d54cbdcf0b8afaced7dae78290fb80
  • libxml2-2.9.7-9.el8_4.2.tuxcare.els11.x86_64.rpm
    sha:a7b825beacd54271ebf585553cbfd802befee8cf47ece7d62beb27f768e55c79
  • libxml2-devel-2.9.7-9.el8_4.2.tuxcare.els11.i686.rpm
    sha:db6808f44e1a278ce68173126de7428a2c9c22c289d7bc70d02ac75bd216cadd
  • libxml2-devel-2.9.7-9.el8_4.2.tuxcare.els11.x86_64.rpm
    sha:372ae043aad8512a6b75a5c7b07db2431368d936187a3974337a43e61091b367
  • libxml2-static-2.9.7-9.el8_4.2.tuxcare.els11.x86_64.rpm
    sha:6dcb2bb99558cfbc0da3ca51f200686c4121e2c337b0755ed2d966451d9ea446
  • python3-libxml2-2.9.7-9.el8_4.2.tuxcare.els11.x86_64.rpm
    sha:37d3cc46e5c215132ae7e4de486024b4add21c66f5d9d2e6d86acbec007ebc42
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.