RHSA-2020:1190-01 -- Redhat libxml2ID: oval:org.secpod.oval:def:503595 | Date: (C)2020-01-25 (M)2024-05-22 |
Class: PATCH | Family: unix |
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: Use after free triggered by XPointer paths beginning with range-to * libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate function in xpath.c * libxml2: DoS caused by incorrect error detection during XZ decompression * libxml2: NULL pointer dereference in xmlXPathCompOpEval function in xpath.c * libxml2: Unrestricted memory usage in xz_head function in xzlib.c * libxml2: Infinite loop caused by incorrect error detection during LZMA decompression For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.
Platform: |
Red Hat Enterprise Linux 7 |