SUSE-SU-2019:13985-1 -- SLES libxml2ID: oval:org.secpod.oval:def:89003032 | Date: (C)2021-02-27 (M)2024-04-17 |
Class: PATCH | Family: unix |
This update for libxml2 fixes the following issues: Security issue fixed: - CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval function when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service attack Other Issue fixed: - Fixed a bug related to the fix for CVE-2016-9318 which allowed xsltproc to access the internet even when --nonet was given and also was making docbook-xsl-stylesheets to have incomplete xml catalog file .
Platform: |
SUSE Linux Enterprise Server 11 SP4 |