[CLSA-2026:1783095251] Fix CVE(s): CVE-2026-11979
Type:
security
Severity:
Important
Release date:
2026-07-03 16:14:28 UTC
Description:
* SECURITY UPDATE: stack buffer overflows in xmlcatalog --shell mode - debian/patches/CVE-2026-11979.patch: add bounds checks in the usershell() command-line parser in xmlcatalog.c to prevent stack buffer overflows when parsing overly long command lines - CVE-2026-11979
CVEs fixed:
Updated packages:
  • libxml2_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els6_amd64.deb
    sha:91fd690672b069de7be1083b789942361c045fa9
  • libxml2-dev_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els6_amd64.deb
    sha:5d9ee29c616c03de931f5c20140f12ba545b274e
  • libxml2-doc_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els6_all.deb
    sha:1ba4817ae3a395fa8c8b733bbe29fd2fa89ff50b
  • libxml2-utils_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els6_amd64.deb
    sha:fbd603f0531f00a2b76ba1ec12cce99dcb940088
  • python-libxml2_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els6_amd64.deb
    sha:95a73af57b125b277c31f79c86046d1aab2f57f2
  • python3-libxml2_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els6_amd64.deb
    sha:0e16c21063f992c5279621145e9e6fcae429a759
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.