logo
DATABASE RESOURCES PRICING ABOUT US

SUSE SLES11 Security Update : libxml2 (SUSE-SU-2019:13985-1)

Description

This update for libxml2 fixes the following issues : Security issue fixed : CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval() function when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service attack (bsc#1102046) Other Issue fixed: Fixed a bug related to the fix for CVE-2016-9318 which allowed xsltproc to access the internet even when --nonet was given and also was making docbook-xsl-stylesheets to have incomplete xml catalog file (bsc#1010675, bsc#1126613 and bsc#1110146). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.


Related