Описание
Security update for libxml2
This update for libxml2 fixes the following issues:
- CVE-2020-24977: Fixed a global-buffer-overflow in xmlEncodeEntitiesInternal (bsc#1176179).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.2
libxml2-2-2.9.7-lp152.10.3.1
libxml2-2-32bit-2.9.7-lp152.10.3.1
libxml2-devel-2.9.7-lp152.10.3.1
libxml2-devel-32bit-2.9.7-lp152.10.3.1
libxml2-doc-2.9.7-lp152.10.3.1
libxml2-tools-2.9.7-lp152.10.3.1
python2-libxml2-python-2.9.7-lp152.10.3.1
python3-libxml2-python-2.9.7-lp152.10.3.1
Ссылки
- E-Mail link for openSUSE-SU-2020:1465-1
- SUSE Security Ratings
- SUSE Bug 1176179
- SUSE CVE CVE-2020-24977 page
Описание
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.
Затронутые продукты
openSUSE Leap 15.2:libxml2-2-2.9.7-lp152.10.3.1
openSUSE Leap 15.2:libxml2-2-32bit-2.9.7-lp152.10.3.1
openSUSE Leap 15.2:libxml2-devel-2.9.7-lp152.10.3.1
openSUSE Leap 15.2:libxml2-devel-32bit-2.9.7-lp152.10.3.1
Ссылки
- CVE-2020-24977
- SUSE Bug 1176179
- SUSE Bug 1191860