ELBA-2025-6597 - libxml2 bug fix and enhancement update
| Type: | SECURITY |
| Impact: | CRITICAL |
| Release Date: | 2025-06-09 |
Description
[2.12.5-5]
- Fix CVE-2024-56171 (RHEL-80119)
- Fix CVE-2025-24928 (RHEL-80134)
[2.12.5-4]
- Fix CVE-2024-40896 (RHEL-72060)
[2.12.5-3]
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018
[2.12.5-2]
- Bump release for June 2024 mass rebuild
[2.12.5-1]
- Update to 2.12.5 (#2262648)
[2.12.4-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
[2.12.4-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
[2.12.4-1]
- Update to 2.12.4 (#2258493)
[2.12.3-1]
- Update to 2.12.3 (#2254194)
[2.12.2-2]
- Upstream patch to add extra includes
[2.12.2-1]
- Update to 2.12.2 (#2137281)
- Enable W3C XML Conformance and Schema test suites
[2.12.1-1]
- Update to 2.12.1 (#2250062)
[2.12.0-1]
- Update to 2.12.0 (#2250062)
[2.11.6-1]
- Update to 2.11.6
[2.11.5-1]
- Update to 2.11.5 (#2190441)
[2.10.4-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
[2.10.4-2]
- Rebuilt for Python 3.12
[2.10.4-1]
- Update to 2.10.4 (#2185870)
[2.10.3-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
[2.10.3-2]
- Set build options to maintain (most) symbols from 2.9.14 (#2139546)
[2.10.3-1]
- Update to 2.10.3 (#2119077)
[2.10.2-1]
- Update to 2.10.2 (#2119077)
[2.9.14-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
[2.9.14-2]
- Rebuilt for Python 3.11
[2.9.14-1]
- Update to 2.9.14 (#2080961)
[2.9.13-1]
- Update to 2.9.13
[2.9.12-7]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
[2.9.12-6]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
[2.9.12-5]
- Rebuilt for Python 3.10
[2.9.12-4]
- Fix xmlNodeDumpOutputInternal regression (#1965662)
[2.9.12-3]
- Fix multiarch conflict in devel subpackage
[2.9.12-2]
- Fix python-lxml regression with 2.9.12
[2.9.12-1]
- Update to 2.9.12 (#1960153)
[2.9.10-12]
- Fix CVE-2021-3537 (#1956524)
[2.9.10-11]
- Fix CVE-2021-3516 (#1954227)
- Fix CVE-2021-3517 (#1954234)
- Fix CVE-2021-3518 (#1954243)
[2.9.10-10]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
[2.9.10-9]
- Build the Python extension with the PY_SSIZE_T_CLEAN macro to make it
compatible with Python 3.10.
- Fixes: rhbz#1890878.
[2.9.10-8]
- Add correct fix for CVE-2020-24977 (RHBZ#1877788), thanks: Jan de Groot.
[2.9.10-7]
- Add fix for CVE-2020-24977 (RHBZ#1877788).
[2.9.10-6]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
[2.9.10-5]
- Rebuilt for Python 3.9
[2.9.10-4]
- Fix CVE-2019-20388 (#1799736)
- Fix CVE-2020-7595 (#1799786)
[2.9.10-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
[2.9.10-2]
- Fix relaxed approach to nested documents on object disposal (#1780573)
[2.9.10-1]
- Update to 2.9.10 (#1767151)
[2.9.9-7]
- Subpackage python2-libxml2 has been removed
See https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal
[2.9.9-6]
- Rebuilt for Python 3.8.0rc1 (#1748018)
[2.9.9-5]
- Rebuild to fix corrupted libxml2-static package on aarch64 (#1745020)
[2.9.9-4]
- Rebuilt for Python 3.8
[2.9.9-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
[2.9.9-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
[2.9.9-1]
- Update to 2.9.9
[2.9.8-5]
- Add patch to fix crash: xmlParserPrintFileContextInternal mangles utf8
[2.9.8-4]
- Backport patches from upstream
[2.9.8-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
[2.9.8-2]
- Rebuilt for Python 3.7
[2.9.8-1]
- Update to 2.9.8
[2.9.7-4]
- Rebuild with new LDFLAGS from redhat-rpm-config
[2.9.7-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
[2.9.7-2]
- Switch to %ldconfig_scriptlets
[2.9.7-1]
- Update to 2.9.7
- Cleanups in packaging
[2.9.5-3]
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
[2.9.5-2]
- Fix reporting error about undefined XPath variables (bug #1493613)
[2.9.5-1]
- update to 2.9.5
[2.9.4-5]
- Python 2 binary package renamed to python2-libxml2
See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3
[2.9.4-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
[2.9.4-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
[2.9.4-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
[2.9.4-1]
- Update to 2.9.4.
- Apply very hacky patch that removes the no longer in python-3.6 PyVerify_fd symbol.
[2.9.3-5]
- Rebuild for Python 3.6
[2.9.3-4]
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
[2.9.3-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
[2.9.3-2]
- Fix obsoletes versions now that F22 has libxml2 2.9.3 (#1287262)
[2.9.2-1]
- upstream release of 2.9.3
- Fixes for CVE-2015-8035, CVE-2015-7942, CVE-2015-7941, CVE-2015-1819
CVE-2015-7497, CVE-2015-7498, CVE-2015-5312, CVE-2015-7499, CVE-2015-7500
and CVE-2015-8242
- many other bug fixes
[2.9.2-9]
- Rebuilt for Python3.5 rebuild
- Python3.5 has new naming convention for byte compiled files
[2.9.2-8]
- Remove executable permissions from documentation. Complies with packaging
guidelines and solves issue of libxml2-python3 package depending on python2
[2.9.2-7]
- Remove dependency on python2 from python3 subpackage, rhbz#1250940
[2.9.2-6]
- Rename the Python 3 subpackage to python3-libxml2 as per guidelines
[2.9.2-5]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
[2.9.2-4]
- Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
[2.9.2-3]
- Added Python 3 subpackage
[2.9.2-2]
- Avoid corrupting the xml catalogs
[2.9.2-1]
- upstream release of 2.9.2
- Fix for CVE-214-3660 billion laugh DOS
- many other bug fixes
[2.9.1-5]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
[2.9.1-4]
- fix license handling
[2.9.1-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
[2.9.1-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
[2.9.1-1]
- upstream release of 2.9.1
- a couple more API entry point
- compatibility with python3
- a lot of bug fixes
[2.9.0-4]
- fix --nocheck build which I broke in october rhbz#909767
[2.9.0-3]
- workaround for crc/len check failure, rhbz#877567
[2.9.0-2]
- remaining cleanups from merge bug rhbz#226079
- do not put the docs in the main package, only in -devel rhbz#864731
[2.9.0-1]
- upstream release of 2.9.0
- A few new API entry points
- More resilient push parser mode
- A lot of portability improvement
- Faster XPath evaluation
- a lot of bug fixes and smaller improvement
[2.9.0-0rc1]
- upstream release candidate 1 of 2.9.0
- introduce a small API change, but ABI compatible, see
https://mail.gnome.org/archives/xml/2012-August/msg00005.html
patches for php, gcc/libjava and evolution-data-connector are upstream
Grab me in cases of problems veillard@redhat.com
- many bug fixes including security aspects and small improvements
[2.8.0-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
[2.8.0-1]
- upstream release of 2.8.0
- add lzma compression support
- many bug fixes and small improvements
[2.7.8-7]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
[2.7.8-6]
- fix a double free in XPath CVE-2010-4494 bug 665965
[2.7.8-5]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
[2.7.8-4]
- reactivate shared libs versionning script
[2.7.8-1]
- Upstream release of 2.7.8
- various bug fixes, including potential crashes
- new non-destructive formatting option
- date parsing updated to RFC 5646
[2.7.7-2]
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
[2.7.7-1]
- Upstream release of 2.7.7
- fix serious trouble with zlib >= 1.2.4
- xmllint new option --xpath
- various HTML parser improvements
- includes a number of nug fixes
[2.7.6-1]
- Upstream release of 2.7.6
- restore thread support off by default in 2.7.5
[2.7.5-1]
- Upstream release of 2.7.5
- fix a couple of Relax-NG validation problems
- couple more fixes
[2.7.4-2]
- fix a problem with little data at startup affecting inkscape #523002
[2.7.4-1]
- upstream release 2.7.4
- symbol versioning of libxml2 shared libs
- very large number of bug fixes
[2.7.3-4]
- two patches for parsing problems CVE-2009-2414 and CVE-2009-2416
[2.7.3-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
[2.7.3-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
[2.7.3-1]
- new release 2.7.3
- limit default max size of text nodes
- special parser mode for PHP
- bug fixes and more compiler checks
[2.7.2-7]
- Pull back into Python 2.6
[2.7.2-6]
- AutoProvides requires BuildRequires pkgconfig
[2.7.2-5]
- rebuild to get provides(libxml-2.0) into HEAD rawhide
[2.7.2-4]
- Rebuild for pkgconfig logic
[2.7.2-3]
- Rebuild for Python 2.6
[2.7.2-2.fc11]
- two patches for size overflows problems CVE-2008-4225 and CVE-2008-4226
[2.7.2-1.fc10]
- new release 2.7.2
- Fixes the known problems in 2.7.1
- increase the set of options when saving documents
[2.7.1-2.fc10]
- fix a nasty bug in 2.7.x, http://bugzilla.gnome.org/show_bug.cgi?id=554660
[2.7.1-1.fc10]
- fix python serialization which was broken in 2.7.0
- Resolve: rhbz#460774
[2.7.0-1.fc10]
- upstream release of 2.7.0
- switch to XML 1.0 5th edition
- switch to RFC 3986 for URI parsing
- better entity handling
- option to remove hardcoded limitations in the parser
- more testing
- a new API to allocate entity nodes
- and lot of fixes and clanups
[2.6.32-4.fc10]
- fix for entities recursion problem
- Resolve: rhbz#459714
[2.6.32-3.fc10]
- cleanup based on Fedora packaging guidelines, should fix #226079
- separate a -static package
[2.6.32-2.fc10]
- try to fix multiarch problems like #440206
[2.6.32-1.fc9]
- upstream release 2.6.32 see http://xmlsoft.org/news.html
- many bug fixed upstream
[2.6.31-2]
- Autorebuild for GCC 4.3
[2.6.31-1.fc9]
- upstream release 2.6.31 see http://xmlsoft.org/news.html
- many bug fixed upstream
[2.6.30-1]
- upstream release 2.6.30 see http://xmlsoft.org/news.html
- many bug fixed upstream
[2.6.29-1]
- upstream release 2.6.29 see http://xmlsoft.org/news.html
- many bug fixed upstream
[2.6.28-2]
- Bump revision to fix N-V-R problem
[2.6.28-1]
- upstream release 2.6.28 see http://xmlsoft.org/news.html
- many bug fixed upstream
[2.6.27-2]
- rebuild against python 2.5
[2.6.27-1]
- upstream release 2.6.27 see http://xmlsoft.org/news.html
- very large amount of bug fixes reported upstream
[2.6.26-2.1.1]
- rebuild
[2.6.26-2.1]
- rebuild
[2.6.26-2]
- fix bug #192873
[2.6.26-1]
- upstream release 2.6.26 see http://xmlsoft.org/news.html
* Tue Jun 06 2006 Daniel Veillard
- upstream release 2.6.25 broken, do not ship !
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
