logo
DATABASE RESOURCES PRICING ABOUT US

libxml2 security update

Description

[2.9.1-6.0.1.el7_1.2] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.9.1-6.2] - Fix a series of CVEs (rhbz#1286496) - CVE-2015-7941 Stop parsing on entities boundaries errors - CVE-2015-7941 Cleanup conditional section error handling - CVE-2015-8317 Fail parsing early on if encoding conversion failed - CVE-2015-7942 Another variation of overflow in Conditional sections - CVE-2015-7942 Fix an error in previous Conditional section patch - Fix parsing short unclosed comment uninitialized access - CVE-2015-7498 Avoid processing entities after encoding conversion failures - CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey - CVE-2015-5312 Another entity expansion issue - CVE-2015-7499 Add xmlHaltParser() to stop the parser - CVE-2015-7499 Detect incoherency on GROW - CVE-2015-7500 Fix memory access error due to incorrect entities boundaries - CVE-2015-8242 Buffer overead with HTML parser in push mode - CVE-2015-1819 Enforce the reader to run in constant memory [2.9.1-6] - Fix missing entities after CVE-2014-3660 fix - CVE-2014-0191 Do not fetch external parameter entities (rhbz#1195650) - Fix regressions introduced by CVE-2014-0191 patch [2.9.1-5.1] - CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1149087)


Affected Package


OS OS Version Package Name Package Version
oracle linux 7 libxml2 2.9.1-6.0.1.el7_2.2
oracle linux 7 libxml2 2.9.1-6.0.1.el7_2.2
oracle linux 7 libxml2 2.9.1-6.0.1.el7_2.2
oracle linux 7 libxml2-devel 2.9.1-6.0.1.el7_2.2
oracle linux 7 libxml2-devel 2.9.1-6.0.1.el7_2.2
oracle linux 7 libxml2-python 2.9.1-6.0.1.el7_2.2
oracle linux 7 libxml2-static 2.9.1-6.0.1.el7_2.2
oracle linux 7 libxml2-static 2.9.1-6.0.1.el7_2.2

Related