logo
DATABASE RESOURCES PRICING ABOUT US

libxml2 - security update

Description

* [CVE-2018-14404](https://security-tracker.debian.org/tracker/CVE-2018-14404) Fix of a NULL pointer dereference which might result in a crash and thus in a denial of service. * [CVE-2018-14567](https://security-tracker.debian.org/tracker/CVE-2018-14567) / [CVE-2018-9251](https://security-tracker.debian.org/tracker/CVE-2018-9251) Approvement in LZMA error handling which prevents an infinite loop. * [CVE-2017-18258](https://security-tracker.debian.org/tracker/CVE-2017-18258) Limit available memory to 100MB to avoid exhaustive memory consumption by malicious files. For Debian 8 Jessie, these problems have been fixed in version 2.9.1+dfsg1-5+deb8u7. We recommend that you upgrade your libxml2 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: <https://wiki.debian.org/LTS>


Affected Software


CPE Name Name Version
libxml2 2.9.1+dfsg1-5
libxml2 2.9.1+dfsg1-5+deb8u1
libxml2 2.9.1+dfsg1-5+deb8u2
libxml2 2.9.1+dfsg1-5+deb8u3
libxml2 2.9.1+dfsg1-5+deb8u4
libxml2 2.9.1+dfsg1-5+deb8u5
libxml2 2.9.1+dfsg1-5+deb8u6

Related