Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2018:3107-1

Опубликовано: 12 окт. 2018
Источник: suse-cvrf

Описание

Security update for libxml2

This update for libxml2 fixes the following security issues:

  • CVE-2018-9251: The xz_decomp function allowed remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279).
  • CVE-2018-14567: Prevent denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1105166).
  • CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval() function when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service attack (bsc#1102046).
  • CVE-2017-18258: The xz_head function allowed remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality did not restrict memory usage to what is required for a legitimate file (bsc#1088601).

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Список пакетов

openSUSE Leap 42.3
libxml2-2.9.4-18.1
libxml2-2-2.9.4-18.1
libxml2-2-32bit-2.9.4-18.1
libxml2-devel-2.9.4-18.1
libxml2-devel-32bit-2.9.4-18.1
libxml2-doc-2.9.4-18.1
libxml2-tools-2.9.4-18.1
python-libxml2-2.9.4-18.1

Ссылки

Описание

The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.

Затронутые продукты
openSUSE Leap 42.3:libxml2-2-2.9.4-18.1
openSUSE Leap 42.3:libxml2-2-32bit-2.9.4-18.1
openSUSE Leap 42.3:libxml2-2.9.4-18.1
openSUSE Leap 42.3:libxml2-devel-2.9.4-18.1
Ссылки

Описание

A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.

Затронутые продукты
openSUSE Leap 42.3:libxml2-2-2.9.4-18.1
openSUSE Leap 42.3:libxml2-2-32bit-2.9.4-18.1
openSUSE Leap 42.3:libxml2-2.9.4-18.1
openSUSE Leap 42.3:libxml2-devel-2.9.4-18.1
Ссылки

Описание

libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.

Затронутые продукты
openSUSE Leap 42.3:libxml2-2-2.9.4-18.1
openSUSE Leap 42.3:libxml2-2-32bit-2.9.4-18.1
openSUSE Leap 42.3:libxml2-2.9.4-18.1
openSUSE Leap 42.3:libxml2-devel-2.9.4-18.1
Ссылки

Описание

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.

Затронутые продукты
openSUSE Leap 42.3:libxml2-2-2.9.4-18.1
openSUSE Leap 42.3:libxml2-2-32bit-2.9.4-18.1
openSUSE Leap 42.3:libxml2-2.9.4-18.1
openSUSE Leap 42.3:libxml2-devel-2.9.4-18.1
Ссылки
Уязвимость openSUSE-SU-2018:3107-1