The updated packages fix security vulnerabilities: Use-after-free in xmlEncodeEntitiesInternal() in entities.c. (CVE-2021-3516) Heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c. (CVE-2021-3517) Use-after-free in xmlXIncludeDoProcess() in xinclude.c. (CVE-2021-3518) NULL pointer dereference in valid.c in xmlValidBuildAContentModel. (CVE-2021-3537)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 7 | noarch | libxml2 | < 2.9.9-2.6 | libxml2-2.9.9-2.6.mga7 |
Mageia | 8 | noarch | libxml2 | < 2.9.10-7.1 | libxml2-2.9.10-7.1.mga8 |