SUSE-SU-2018:0395-1 -- SLES libxml2ID: oval:org.secpod.oval:def:89043904 | Date: (C)2021-03-05 (M)2024-04-29 |
Class: PATCH | Family: unix |
This update for libxml2 fixes several issues. Theses security issues were fixed: - CVE-2017-16932: Fixed infinite recursion could lead to an infinite loop or memory exhaustion when expanding a parameter entity in a DTD . - CVE-2017-15412: Prevent use after free when calling XPath extension functions that allowed remote attackers to cause DoS or potentially RCE - CVE-2016-5131: Use-after-free vulnerability in libxml2 allowed remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function. - CVE-2017-5130: Fixed a potential remote buffer overflow in function xmlMemoryStrdup
Platform: |
SUSE Linux Enterprise Server 11 SP4 |