Описание
Security update for libxml2
This update for libxml2 fixes the following issues:
- CVE-2019-19956: Reverted the upstream fix for this memory leak because it introduced other, more severe vulnerabilities (bsc#1172021).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.1
libxml2-2-2.9.7-lp151.5.12.1
libxml2-2-32bit-2.9.7-lp151.5.12.1
libxml2-devel-2.9.7-lp151.5.12.1
libxml2-devel-32bit-2.9.7-lp151.5.12.1
libxml2-doc-2.9.7-lp151.5.12.1
libxml2-tools-2.9.7-lp151.5.12.1
python2-libxml2-python-2.9.7-lp151.5.12.1
python3-libxml2-python-2.9.7-lp151.5.12.1
Ссылки
- E-Mail link for openSUSE-SU-2020:0781-1
- SUSE Security Ratings
- SUSE Bug 1172021
- SUSE CVE CVE-2019-19956 page
Описание
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
Затронутые продукты
openSUSE Leap 15.1:libxml2-2-2.9.7-lp151.5.12.1
openSUSE Leap 15.1:libxml2-2-32bit-2.9.7-lp151.5.12.1
openSUSE Leap 15.1:libxml2-devel-2.9.7-lp151.5.12.1
openSUSE Leap 15.1:libxml2-devel-32bit-2.9.7-lp151.5.12.1
Ссылки
- CVE-2019-19956
- SUSE Bug 1159928
- SUSE Bug 1191860