Описание
Security update for libxml2
This update for libxml2 fixes the following issues:
- CVE-2023-45322: Fixed a use-after-free in xmlUnlinkNode() in tree.c (bsc#1216129).
Список пакетов
Container caasp/v4/cilium-operator:1.6.6
libxml2-2-2.9.7-150000.3.63.1
Container caasp/v4/cilium:1.6.6
libxml2-2-2.9.7-150000.3.63.1
Container suse/ltss/sle15.3/bci-base:latest
libxml2-2-2.9.7-150000.3.63.1
Container suse/sle-micro-rancher/5.2:latest
libxml2-2-2.9.7-150000.3.63.1
Container suse/sle-micro/5.1/toolbox:latest
libxml2-2-2.9.7-150000.3.63.1
Container suse/sle-micro/5.2/toolbox:latest
libxml2-2-2.9.7-150000.3.63.1
Container suse/sle15:15.1
libxml2-2-2.9.7-150000.3.63.1
Container suse/sle15:15.2
libxml2-2-2.9.7-150000.3.63.1
Container suse/sle15:15.3
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
libxml2-2-2.9.7-150000.3.63.1
libxml2-2-32bit-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP2-BYOS-Azure
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP2-HPC-BYOS-Azure
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP2-SAP-Azure
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP2-SAP-BYOS-Azure
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP2-SAP-BYOS-EC2-HVM
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP2-SAP-BYOS-GCE
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP2-SAP-EC2-HVM
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP2-SAP-GCE
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP3-BYOS-Azure
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-BYOS-EC2-HVM
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-BYOS-GCE
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-CHOST-BYOS-Aliyun
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-CHOST-BYOS-Azure
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-CHOST-BYOS-EC2
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-CHOST-BYOS-GCE
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-CHOST-BYOS-SAP-CCloud
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-HPC-BYOS-Azure
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-HPC-BYOS-EC2-HVM
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-HPC-BYOS-GCE
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-Micro-5-1-BYOS-Azure
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-Micro-5-1-BYOS-GCE
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-Micro-5-2-BYOS-Azure
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-Micro-5-2-BYOS-GCE
libxml2-2-2.9.7-150000.3.63.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP3-SAP-BYOS-Azure
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP3-SAP-BYOS-GCE
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP3-SAPCAL-Azure
libxml2-2-2.9.7-150000.3.63.1
libxml2-devel-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP3-SAPCAL-EC2-HVM
libxml2-2-2.9.7-150000.3.63.1
libxml2-devel-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
Image SLES15-SP3-SAPCAL-GCE
libxml2-2-2.9.7-150000.3.63.1
libxml2-devel-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
SUSE Linux Enterprise Micro 5.1
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
SUSE Linux Enterprise Micro 5.2
libxml2-2-2.9.7-150000.3.63.1
libxml2-tools-2.9.7-150000.3.63.1
python3-libxml2-python-2.9.7-150000.3.63.1
openSUSE Leap 15.4
python3-libxml2-python-2.9.7-150000.3.63.1
openSUSE Leap 15.5
python3-libxml2-python-2.9.7-150000.3.63.1
Ссылки
- Link for SUSE-SU-2023:4464-1
- E-Mail link for SUSE-SU-2023:4464-1
- SUSE Security Ratings
- SUSE Bug 1216129
- SUSE CVE CVE-2023-45322 page
Описание
** DISPUTED ** libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail."
Затронутые продукты
Container caasp/v4/cilium-operator:1.6.6:libxml2-2-2.9.7-150000.3.63.1
Container caasp/v4/cilium:1.6.6:libxml2-2-2.9.7-150000.3.63.1
Container suse/ltss/sle15.3/bci-base:latest:libxml2-2-2.9.7-150000.3.63.1
Container suse/sle-micro-rancher/5.2:latest:libxml2-2-2.9.7-150000.3.63.1
Ссылки
- CVE-2023-45322
- SUSE Bug 1216129