ELSA-2015-1419

ELSA-2015-1419 - libxml2 security and bug fix update

Type:	SECURITY
Severity:	LOW
Release Date:	2015-07-29

Description

[2.7.6-20.0.1.el6]
- Update doc/redhat.gif in tarball
- Add libxml2-oracle-enterprise.patch and update logos in tarball

[libxml2-2.7.6-20.el6]
- CVE-2015-1819 Enforce the reader to run in constant memory(rhbz#1214163)

[libxml2-2.7.6-19.el6]
- Stop parsing on entities boundaries errors
- Fix missing entities after CVE-2014-3660 fix (rhbz#1149086)

[libxml2-2.7.6-18.el6]
- CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1149086)
- Fix html serialization error and htmlSetMetaEncoding (rhbz#1004513)

Related CVEs

CVE-2015-1819

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory
Oracle Linux 6 (i386)	libxml2-2.7.6-20.0.1.el6.src.rpm	bd5e1af89399aca692381bcf80610850	ELSA-2016-1292
	libxml2-2.7.6-20.0.1.el6.i686.rpm	74d177a822d0f13e708dc93db969799c	ELSA-2016-1292
	libxml2-devel-2.7.6-20.0.1.el6.i686.rpm	d06a735d79edc26b776a17d2d887e342	ELSA-2016-1292
	libxml2-python-2.7.6-20.0.1.el6.i686.rpm	8229529c715efeb2f8b3d67ddde9fbad	ELSA-2016-1292
	libxml2-static-2.7.6-20.0.1.el6.i686.rpm	ccc6bcc9a2ec51c0df634a8d1cae0324	ELSA-2016-1292
Oracle Linux 6 (x86_64)	libxml2-2.7.6-20.0.1.el6.src.rpm	bd5e1af89399aca692381bcf80610850	ELSA-2016-1292
	libxml2-2.7.6-20.0.1.el6.i686.rpm	74d177a822d0f13e708dc93db969799c	ELSA-2016-1292
	libxml2-2.7.6-20.0.1.el6.x86_64.rpm	a1b026e18b827757729400ce1d6071ce	ELSA-2016-1292
	libxml2-devel-2.7.6-20.0.1.el6.i686.rpm	d06a735d79edc26b776a17d2d887e342	ELSA-2016-1292
	libxml2-devel-2.7.6-20.0.1.el6.x86_64.rpm	59161ae19345178b6c3c12f55a9ade0e	ELSA-2016-1292
	libxml2-python-2.7.6-20.0.1.el6.x86_64.rpm	10b754bb3af2026ee09b5b3df2f4d8f2	ELSA-2016-1292
	libxml2-static-2.7.6-20.0.1.el6.x86_64.rpm	7730b9ab164c819873efe24b32c47a27	ELSA-2016-1292

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team