logo
DATABASE RESOURCES PRICING ABOUT US

libxml2 - security update

Description

* [CVE-2015-8241](https://security-tracker.debian.org/tracker/CVE-2015-8241) Buffer overread with XML parser in xmlNextChar * [CVE-2015-8317](https://security-tracker.debian.org/tracker/CVE-2015-8317) + issues in the xmlParseXMLDecl function: If we fail conversing the current input stream while processing the encoding declaration of the XMLDecl then it's safer to just abort there and not try to report further errors. + If the string is not properly terminated do not try to convert to the given encoding. Additional fix for off by one error in previous patch for [CVE-2015-7942](https://security-tracker.debian.org/tracker/CVE-2015-7942) (thanks to Salvatore for spotting this)


Affected Software


CPE Name Name Version
libxml2 2.7.8.dfsg-2+squeeze14
libxml2 2.7.8.dfsg-2+squeeze2
libxml2 2.7.8.dfsg-2+squeeze1
libxml2 2.7.8.dfsg-2+squeeze13
libxml2 2.7.8.dfsg-2+squeeze5
libxml2 2.7.8.dfsg-2+squeeze7
libxml2 2.7.8.dfsg-2
libxml2 2.7.8.dfsg-2+squeeze6
libxml2 2.7.8.dfsg-2+squeeze11
libxml2 2.7.8.dfsg-2+squeeze9
libxml2 2.7.8.dfsg-2+squeeze10
libxml2 2.7.8.dfsg-2+squeeze12
libxml2 2.7.8.dfsg-2+squeeze3
libxml2 2.7.8.dfsg-2+squeeze4
libxml2 2.7.8.dfsg-2+squeeze8

Related