logo
DATABASE RESOURCES PRICING ABOUT US

Fix of 8 CVEs

Description

- CVE-2021-3517.patch: validate UTF8 in xmlEncodeEntities - CVE-2021-3518.patch: fix user-after-free with 'xmllint --xinclude --dropdtd' - CVE-2021-3537.patch: propagate error in xmlParseElementChildrenContentDeclPriv - CVE-2021-3541.patch: parser fix for the billion laughs attack - CVE-2021-3516.patch: fix use-after-free with 'xmllint --html --push' - CVE-2017-8872.patch: free input buffer in xmlHaltParser - CVE-2019-20388.patch: fix memory leak in xmlSchemaValidateStream - CVE-2020-24977.patch: fix out-of-bounds read with 'xmllint --htmlout'


Affected Package


OS OS Version Package Name Package Version
Centos 6 libxml2 2.7.6
Centos 6 libxml2 2.7.6
Centos 6 libxml2-static 2.7.6
Centos 6 libxml2-devel 2.7.6
Centos 6 libxml2-python 2.7.6
Centos 6 libxml2-devel 2.7.6

Related