ELSA-2015-1419

ELSA-2015-1419 - libxml2 security and bug fix update

Type:SECURITY
Severity:LOW
Release Date:2015-07-29

Description


[2.7.6-20.0.1.el6]
- Update doc/redhat.gif in tarball
- Add libxml2-oracle-enterprise.patch and update logos in tarball

[libxml2-2.7.6-20.el6]
- CVE-2015-1819 Enforce the reader to run in constant memory(rhbz#1214163)

[libxml2-2.7.6-19.el6]
- Stop parsing on entities boundaries errors
- Fix missing entities after CVE-2014-3660 fix (rhbz#1149086)

[libxml2-2.7.6-18.el6]
- CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1149086)
- Fix html serialization error and htmlSetMetaEncoding (rhbz#1004513)


Related CVEs


CVE-2015-1819

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) libxml2-2.7.6-20.0.1.el6.src.rpmbd5e1af89399aca692381bcf80610850ELSA-2016-1292
libxml2-2.7.6-20.0.1.el6.i686.rpm74d177a822d0f13e708dc93db969799cELSA-2016-1292
libxml2-devel-2.7.6-20.0.1.el6.i686.rpmd06a735d79edc26b776a17d2d887e342ELSA-2016-1292
libxml2-python-2.7.6-20.0.1.el6.i686.rpm8229529c715efeb2f8b3d67ddde9fbadELSA-2016-1292
libxml2-static-2.7.6-20.0.1.el6.i686.rpmccc6bcc9a2ec51c0df634a8d1cae0324ELSA-2016-1292
Oracle Linux 6 (x86_64) libxml2-2.7.6-20.0.1.el6.src.rpmbd5e1af89399aca692381bcf80610850ELSA-2016-1292
libxml2-2.7.6-20.0.1.el6.i686.rpm74d177a822d0f13e708dc93db969799cELSA-2016-1292
libxml2-2.7.6-20.0.1.el6.x86_64.rpma1b026e18b827757729400ce1d6071ceELSA-2016-1292
libxml2-devel-2.7.6-20.0.1.el6.i686.rpmd06a735d79edc26b776a17d2d887e342ELSA-2016-1292
libxml2-devel-2.7.6-20.0.1.el6.x86_64.rpm59161ae19345178b6c3c12f55a9ade0eELSA-2016-1292
libxml2-python-2.7.6-20.0.1.el6.x86_64.rpm10b754bb3af2026ee09b5b3df2f4d8f2ELSA-2016-1292
libxml2-static-2.7.6-20.0.1.el6.x86_64.rpm7730b9ab164c819873efe24b32c47a27ELSA-2016-1292



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete