Описание
ELSA-2020-1827: libxml2 security update (MODERATE)
[2.9.7-7.0.1]
- Update doc/redhat.gif in tarball
- Add libxml2-oracle-enterprise.patch and update logos in tarball
[2.9.7-7]
- Fix CVE-2018-14404 (#1595989)
[2.9.7-6]
- Fix CVE-2018-9251 (#1565322)
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
libxml2
2.9.7-7.0.1.el8
libxml2-devel
2.9.7-7.0.1.el8
python3-libxml2
2.9.7-7.0.1.el8
Oracle Linux x86_64
libxml2
2.9.7-7.0.1.el8
libxml2-devel
2.9.7-7.0.1.el8
python3-libxml2
2.9.7-7.0.1.el8
Связанные CVE
Связанные уязвимости
CVSS3: 5.3
ubuntu
почти 8 лет назад
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.