Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2017:0446-1

Опубликовано: 10 фев. 2017
Источник: suse-cvrf

Описание

Security update for libxml2

This update for libxml2 fixes the following issues:

  • CVE-2016-4658: use-after-free error could lead to crash [bsc#1005544]
  • Fix NULL dereference in xpointer.c when in recovery mode [bsc#1014873]
  • CVE-2016-9597: An XML document with many opening tags could have caused a overflow of the stack not detected by the recursion limits, allowing for DoS (bsc#1017497).

For CVE-2016-9318 we decided not to ship a fix since it can break existing setups. Please take appropriate actions if you parse untrusted XML files and use the new -noxxe flag if possible (bnc#1010675, bnc#1013930).

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Список пакетов

openSUSE Leap 42.2
libxml2-2.9.4-3.1
libxml2-2-2.9.4-3.1
libxml2-2-32bit-2.9.4-3.1
libxml2-devel-2.9.4-3.1
libxml2-devel-32bit-2.9.4-3.1
libxml2-doc-2.9.4-3.1
libxml2-tools-2.9.4-3.1
python-libxml2-2.9.4-3.1

Ссылки

Описание

xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.

Затронутые продукты
openSUSE Leap 42.2:libxml2-2-2.9.4-3.1
openSUSE Leap 42.2:libxml2-2-32bit-2.9.4-3.1
openSUSE Leap 42.2:libxml2-2.9.4-3.1
openSUSE Leap 42.2:libxml2-devel-2.9.4-3.1
Ссылки

Описание

libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.

Затронутые продукты
openSUSE Leap 42.2:libxml2-2-2.9.4-3.1
openSUSE Leap 42.2:libxml2-2-32bit-2.9.4-3.1
openSUSE Leap 42.2:libxml2-2.9.4-3.1
openSUSE Leap 42.2:libxml2-devel-2.9.4-3.1
Ссылки

Описание

It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.

Затронутые продукты
openSUSE Leap 42.2:libxml2-2-2.9.4-3.1
openSUSE Leap 42.2:libxml2-2-32bit-2.9.4-3.1
openSUSE Leap 42.2:libxml2-2.9.4-3.1
openSUSE Leap 42.2:libxml2-devel-2.9.4-3.1
Ссылки
Уязвимость openSUSE-SU-2017:0446-1