[CLSA-2025:1746653948] Fix CVE(s): CVE-2025-32414, CVE-2025-32415
Type:
security
Severity:
Important
Release date:
2025-05-07 21:39:13 UTC
Description:
* SECURITY UPDATE: OOB access in python API
  - debian/patches/CVE-2025-32414-pre1.patch: fix SAX driver with character streams in python/drv_libxml2.py.
  - debian/patches/CVE-2025-32414-1.patch: read at most len/4 characters in python/libxml.c.
  - debian/patches/CVE-2025-32414-2.patch: add a test in python/tests/Makefile.am, python/tests/unicode.py.
  - CVE-2025-32414
* SECURITY UPDATE: heap under-read in xmlSchemaIDCFillNodeTables
  - debian/patches/CVE-2025-32415.patch: fix heap buffer overflow in xmlSchemaIDCFillNodeTables in xmlschemas.c.
  - CVE-2025-32415
Updated packages:
  • libxml2_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els1_amd64.deb
    sha:a52ec983705a01bee361c536b3974698f908cf9f
  • libxml2-dev_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els1_amd64.deb
    sha:0249461c3b3bc2bdd3ae8a3d624ea01cc4456517
  • libxml2-doc_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els1_all.deb
    sha:79c8a30838c7301b13aa8563bf37d20a8ab6605b
  • libxml2-utils_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els1_amd64.deb
    sha:92045f92de1a4a14e7119e0e31ce757498a4ba1d
  • python-libxml2_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els1_amd64.deb
    sha:2fa47a9523b8f881fc1c729239bc5959a6380e98
  • python3-libxml2_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els1_amd64.deb
    sha:911494123f7e3a7621b27c070973a102313cdab4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.