Описание
Security update for libxml2
This update for libxml2 fixes the following issues:
- CVE-2017-8872: Out-of-bounds read could lead to application crash (bsc#1038444)
Список пакетов
SUSE Linux Enterprise Server 11 SP4
libxml2-2.7.6-0.77.3.2
libxml2-32bit-2.7.6-0.77.3.2
libxml2-doc-2.7.6-0.77.3.2
libxml2-python-2.7.6-0.77.3.5
libxml2-x86-2.7.6-0.77.3.2
SUSE Linux Enterprise Server for SAP Applications 11 SP4
libxml2-2.7.6-0.77.3.2
libxml2-32bit-2.7.6-0.77.3.2
libxml2-doc-2.7.6-0.77.3.2
libxml2-python-2.7.6-0.77.3.5
libxml2-x86-2.7.6-0.77.3.2
SUSE Linux Enterprise Software Development Kit 11 SP4
libxml2-devel-2.7.6-0.77.3.2
libxml2-devel-32bit-2.7.6-0.77.3.2
Ссылки
- Link for SUSE-SU-2017:2115-1
- E-Mail link for SUSE-SU-2017:2115-1
- SUSE Security Ratings
- SUSE Bug 1038444
- SUSE CVE CVE-2017-8872 page
Описание
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:libxml2-2.7.6-0.77.3.2
SUSE Linux Enterprise Server 11 SP4:libxml2-32bit-2.7.6-0.77.3.2
SUSE Linux Enterprise Server 11 SP4:libxml2-doc-2.7.6-0.77.3.2
SUSE Linux Enterprise Server 11 SP4:libxml2-python-2.7.6-0.77.3.5
Ссылки
- CVE-2017-8872
- SUSE Bug 1038444
- SUSE Bug 1123919