[CLSA-2021:1640700710] Fix CVE(s): CVE-2021-3517, CVE-2021-3516, CVE-2020-24977, CVE-2021-3541, CVE-2021-3537, CVE-2021-3518, CVE-2019-20388, CVE-2017-8872
Type:
security
Severity:
moderate
Release date:
2021-12-28 14:11:50 UTC
Description:
* SECURITY UPDATE: Out-of-bounds array access
  - debian/patches/CVE-2021-3517.patch: Validate UTF8 in xmlEncodeEntities
  - CVE-2021-3517
* SECURITY UPDATE: Use-after-free error
  - debian/patches/CVE-2021-3518.patch: Fix use-after-free with 'xmllint --xinclude --dropdtd'
  - CVE-2021-3518
* SECURITY UPDATE: Null pointer dereference while parsing in recovery mode
  - debian/patches/CVE-2021-3537.patch: Propagate error in xmlParseElementChildrenContentDeclPriv
  - CVE-2021-3537
* SECURITY UPDATE: Parser fix for the billion laughs attack
  - debian/patches/CVE-2021-3541.patch: Fix parameter entities expansion in xmlParserEntityCheck
  - CVE-2021-3541
* SECURITY UPDATE: Miscalculation of available bytes when parsing
  - debian/patches/CVE-2017-8872.patch: Free input buffer in xmlHaltParser
  - CVE-2017-8872
* SECURITY UPDATE: Memory leak
  - debian/patches/CVE-2019-20388.patch: Fix memory leak in xmlSchemaValidateStream
  - CVE-2019-20388
* SECURITY UPDATE: Out-of-bounds array access
  - debian/patches/CVE-2020-24977.patch: Fix out-of-bounds read with 'xmllint --htmlout'
  - CVE-2020-24977
* SECURITY UPDATE: Use-after-free error
  - debian/patches/CVE-2021-3516.patch: Fix use-after-free with 'xmllint --html --push'
  - CVE-2021-3516
Updated packages:
  • libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els1_amd64.deb
    sha:0a14d2ae81f266a214531cb4fc4888b281c11304
  • libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els1_amd64.deb
    sha:92bedf4a4f4ecdecccae68f5ac91a7c610bf8daf
  • libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els1_all.deb
    sha:ee09716c2fa0ba3089fcf97d2d139025550bea0f
  • libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els1_amd64.deb
    sha:0e6653515a817a8267556ee4d70f951ed275bad0
  • python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els1_amd64.deb
    sha:41cfe6e25d472ef15137496503bdb0d9120af7b5
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.