Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2024:0556-1

Опубликовано: 29 мая 2024
Источник: suse-cvrf

Описание

Security update for libxml2

This update for libxml2 fixes the following issues:

  • CVE-2024-25062: Fixed use-after-free in XMLReader (bsc#1219576).

Список пакетов

Container suse/ltss/sle12.5/sles12sp5:latest
libxml2-2-2.9.4-46.71.1
Container suse/sles12sp5:latest
libxml2-2-2.9.4-46.71.1
Image SLES12-SP5-Azure-BYOS
libxml2-2-2.9.4-46.71.1
Image SLES12-SP5-Azure-Basic-On-Demand
libxml2-2-2.9.4-46.71.1
Image SLES12-SP5-Azure-HPC-BYOS
libxml2-2-2.9.4-46.71.1
Image SLES12-SP5-Azure-HPC-On-Demand
libxml2-2-2.9.4-46.71.1
Image SLES12-SP5-Azure-SAP-BYOS
libxml2-2-2.9.4-46.71.1
libxml2-tools-2.9.4-46.71.1
Image SLES12-SP5-Azure-SAP-On-Demand
libxml2-2-2.9.4-46.71.1
libxml2-tools-2.9.4-46.71.1
Image SLES12-SP5-Azure-Standard-On-Demand
libxml2-2-2.9.4-46.71.1
Image SLES12-SP5-EC2-BYOS
libxml2-2-2.9.4-46.71.1
Image SLES12-SP5-EC2-ECS-On-Demand
libxml2-2-2.9.4-46.71.1
Image SLES12-SP5-EC2-On-Demand
libxml2-2-2.9.4-46.71.1
Image SLES12-SP5-EC2-SAP-BYOS
libxml2-2-2.9.4-46.71.1
libxml2-tools-2.9.4-46.71.1
Image SLES12-SP5-EC2-SAP-On-Demand
libxml2-2-2.9.4-46.71.1
libxml2-tools-2.9.4-46.71.1
Image SLES12-SP5-GCE-BYOS
libxml2-2-2.9.4-46.71.1
Image SLES12-SP5-GCE-On-Demand
libxml2-2-2.9.4-46.71.1
Image SLES12-SP5-GCE-SAP-BYOS
libxml2-2-2.9.4-46.71.1
libxml2-tools-2.9.4-46.71.1
Image SLES12-SP5-GCE-SAP-On-Demand
libxml2-2-2.9.4-46.71.1
libxml2-tools-2.9.4-46.71.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libxml2-2-2.9.4-46.71.1
libxml2-tools-2.9.4-46.71.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libxml2-2-2.9.4-46.71.1
libxml2-2-32bit-2.9.4-46.71.1
libxml2-tools-2.9.4-46.71.1
SUSE Linux Enterprise Server 12 SP5
libxml2-2-2.9.4-46.71.1
libxml2-2-32bit-2.9.4-46.71.1
libxml2-doc-2.9.4-46.71.1
libxml2-tools-2.9.4-46.71.1
python-libxml2-2.9.4-46.71.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libxml2-2-2.9.4-46.71.1
libxml2-2-32bit-2.9.4-46.71.1
libxml2-doc-2.9.4-46.71.1
libxml2-tools-2.9.4-46.71.1
python-libxml2-2.9.4-46.71.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libxml2-devel-2.9.4-46.71.1

Ссылки

Описание

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.

Затронутые продукты
Container suse/ltss/sle12.5/sles12sp5:latest:libxml2-2-2.9.4-46.71.1
Container suse/sles12sp5:latest:libxml2-2-2.9.4-46.71.1
Image SLES12-SP5-Azure-BYOS:libxml2-2-2.9.4-46.71.1
Image SLES12-SP5-Azure-Basic-On-Demand:libxml2-2-2.9.4-46.71.1
Ссылки