Описание
Security update for libxml2
This update for libxml2 fixes the following security issue:
- CVE-2017-8872: Out-of-bounds read in htmlParseTryOrFinish. (bsc#1038444)
This update was imported from the SUSE:SLE-12-SP2:Update update project.
Список пакетов
openSUSE Leap 42.2
libxml2-2.9.4-12.1
libxml2-2-2.9.4-12.1
libxml2-2-32bit-2.9.4-12.1
libxml2-devel-2.9.4-12.1
libxml2-devel-32bit-2.9.4-12.1
libxml2-doc-2.9.4-12.1
libxml2-tools-2.9.4-12.1
python-libxml2-2.9.4-12.1
openSUSE Leap 42.3
libxml2-2.9.4-12.1
libxml2-2-2.9.4-12.1
libxml2-2-32bit-2.9.4-12.1
libxml2-devel-2.9.4-12.1
libxml2-devel-32bit-2.9.4-12.1
libxml2-doc-2.9.4-12.1
libxml2-tools-2.9.4-12.1
python-libxml2-2.9.4-12.1
Ссылки
- E-Mail link for openSUSE-SU-2017:2190-1
- SUSE Security Ratings
Описание
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.
Затронутые продукты
openSUSE Leap 42.2:libxml2-2-2.9.4-12.1
openSUSE Leap 42.2:libxml2-2-32bit-2.9.4-12.1
openSUSE Leap 42.2:libxml2-2.9.4-12.1
openSUSE Leap 42.2:libxml2-devel-2.9.4-12.1
Ссылки
- CVE-2017-8872
- SUSE Bug 1038444
- SUSE Bug 1123919