RLSA-2025:10699

Опубликовано: 04 окт. 2025

Источник: rocky

Оценка: Important

Описание

Important: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards.

Security Fix(es):

libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 9

Наименование	Архитектура	Релиз	RPM
libxml2	i686	10.el9_6	libxml2-2.9.13-10.el9_6.i686.rpm
libxml2	x86_64	10.el9_6	libxml2-2.9.13-10.el9_6.x86_64.rpm
python3-libxml2	x86_64	10.el9_6	python3-libxml2-2.9.13-10.el9_6.x86_64.rpm