Stay Connected:

ELSA-2015-2549

ELSA-2015-2549 - libxml2 security update

Type:SECURITY
Impact:MODERATE
Release Date:2015-12-07

Description


[2.7.6-20.0.1]
- Update doc/redhat.gif in tarball
- Add libxml2-oracle-enterprise.patch and update logos in tarball

[2.7.6-20.1]
- Fix a series of CVEs (rhbz#1286495)
- CVE-2015-7941 Cleanup conditional section error handling
- CVE-2015-8317 Fail parsing early on if encoding conversion failed
- CVE-2015-7942 Another variation of overflow in Conditional sections
- CVE-2015-7942 Fix an error in previous Conditional section patch
- Fix parsing short unclosed comment uninitialized access
- CVE-2015-7498 Avoid processing entities after encoding conversion failures
- CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey
- CVE-2015-5312 Another entity expansion issue
- CVE-2015-7499 Add xmlHaltParser() to stop the parser
- CVE-2015-7499 Detect incoherency on GROW
- CVE-2015-7500 Fix memory access error due to incorrect entities boundaries
- CVE-2015-8242 Buffer overead with HTML parser in push mode
- Libxml violates the zlib interface and crashes


Related CVEs


CVE-2015-7500
CVE-2015-5312
CVE-2015-7499
CVE-2015-7498
CVE-2015-7942
CVE-2015-8317
CVE-2015-7497
CVE-2015-7941
CVE-2015-8241
CVE-2015-8242

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 6 (i386) libxml2-2.7.6-20.0.1.el6_7.1.src.rpm5391efa0bf34a4bfb036421f92b45d29cb3a980929978db128a6bee03ce8306eELSA-2016-1292ol6_i386_latest_archive
libxml2-2.7.6-20.0.1.el6_7.1.src.rpm5391efa0bf34a4bfb036421f92b45d29cb3a980929978db128a6bee03ce8306eELSA-2016-1292ol6_u7_i386_patch
libxml2-2.7.6-20.0.1.el6_7.1.i686.rpme60fef44494c42e94c98b61f3f1f9abb7f246d86f77774cd538461d7cdf40f22ELSA-2016-1292ol6_i386_latest_archive
libxml2-2.7.6-20.0.1.el6_7.1.i686.rpme60fef44494c42e94c98b61f3f1f9abb7f246d86f77774cd538461d7cdf40f22ELSA-2016-1292ol6_u7_i386_patch
libxml2-devel-2.7.6-20.0.1.el6_7.1.i686.rpm9835354e65f74867c6b3485b0fc7063a1639267b851bd6c1f930335445b57e02ELSA-2016-1292ol6_i386_latest_archive
libxml2-devel-2.7.6-20.0.1.el6_7.1.i686.rpm9835354e65f74867c6b3485b0fc7063a1639267b851bd6c1f930335445b57e02ELSA-2016-1292ol6_u7_i386_patch
libxml2-python-2.7.6-20.0.1.el6_7.1.i686.rpm37297fbe113713f09a2546851e9906af3a2b8615caaf8ea62683caa15e56e9b8ELSA-2016-1292ol6_i386_latest_archive
libxml2-python-2.7.6-20.0.1.el6_7.1.i686.rpm37297fbe113713f09a2546851e9906af3a2b8615caaf8ea62683caa15e56e9b8ELSA-2016-1292ol6_u7_i386_patch
libxml2-static-2.7.6-20.0.1.el6_7.1.i686.rpmb641a814a005e8ef58317b12018b2c71edc0d55941edacf7b99a11c04a5ae839ELSA-2016-1292ol6_i386_latest_archive
libxml2-static-2.7.6-20.0.1.el6_7.1.i686.rpmb641a814a005e8ef58317b12018b2c71edc0d55941edacf7b99a11c04a5ae839ELSA-2016-1292ol6_u7_i386_patch
Oracle Linux 6 (x86_64) libxml2-2.7.6-20.0.1.el6_7.1.src.rpm5391efa0bf34a4bfb036421f92b45d29cb3a980929978db128a6bee03ce8306eELSA-2016-1292ol6_u7_x86_64_patch
libxml2-2.7.6-20.0.1.el6_7.1.src.rpm5391efa0bf34a4bfb036421f92b45d29cb3a980929978db128a6bee03ce8306eELSA-2016-1292ol6_x86_64_latest_archive
libxml2-2.7.6-20.0.1.el6_7.1.i686.rpme60fef44494c42e94c98b61f3f1f9abb7f246d86f77774cd538461d7cdf40f22ELSA-2016-1292ol6_u7_x86_64_patch
libxml2-2.7.6-20.0.1.el6_7.1.i686.rpme60fef44494c42e94c98b61f3f1f9abb7f246d86f77774cd538461d7cdf40f22ELSA-2016-1292ol6_x86_64_latest_archive
libxml2-2.7.6-20.0.1.el6_7.1.x86_64.rpmeeb55e7654794ee06a06f08d7b029fc250f4f824534a767cbe956fde744087b3ELSA-2016-1292exadata_dbserver_12.1.2.2.1_x86_64_base
libxml2-2.7.6-20.0.1.el6_7.1.x86_64.rpmeeb55e7654794ee06a06f08d7b029fc250f4f824534a767cbe956fde744087b3ELSA-2016-1292exadata_dbserver_12.1.2.2.2_x86_64_base
libxml2-2.7.6-20.0.1.el6_7.1.x86_64.rpmeeb55e7654794ee06a06f08d7b029fc250f4f824534a767cbe956fde744087b3ELSA-2016-1292exadata_dbserver_12.1.2.3.0_x86_64_base
libxml2-2.7.6-20.0.1.el6_7.1.x86_64.rpmeeb55e7654794ee06a06f08d7b029fc250f4f824534a767cbe956fde744087b3ELSA-2016-1292exadata_dbserver_12.1.2.3.1_x86_64_base
libxml2-2.7.6-20.0.1.el6_7.1.x86_64.rpmeeb55e7654794ee06a06f08d7b029fc250f4f824534a767cbe956fde744087b3ELSA-2016-1292ol6_u7_x86_64_patch
libxml2-2.7.6-20.0.1.el6_7.1.x86_64.rpmeeb55e7654794ee06a06f08d7b029fc250f4f824534a767cbe956fde744087b3ELSA-2016-1292ol6_x86_64_latest_archive
libxml2-devel-2.7.6-20.0.1.el6_7.1.i686.rpm9835354e65f74867c6b3485b0fc7063a1639267b851bd6c1f930335445b57e02ELSA-2016-1292ol6_u7_x86_64_patch
libxml2-devel-2.7.6-20.0.1.el6_7.1.i686.rpm9835354e65f74867c6b3485b0fc7063a1639267b851bd6c1f930335445b57e02ELSA-2016-1292ol6_x86_64_latest_archive
libxml2-devel-2.7.6-20.0.1.el6_7.1.x86_64.rpm3854293fb9b538bf16b9353cfff79711ee0555fd6ed78ebf8344ee12bbb3eb1cELSA-2016-1292ol6_u7_x86_64_patch
libxml2-devel-2.7.6-20.0.1.el6_7.1.x86_64.rpm3854293fb9b538bf16b9353cfff79711ee0555fd6ed78ebf8344ee12bbb3eb1cELSA-2016-1292ol6_x86_64_latest_archive
libxml2-python-2.7.6-20.0.1.el6_7.1.x86_64.rpmcef59aa8aa16232a24e0ed733fa3387127f09b6e6ddd565efe94caba78de2965ELSA-2016-1292exadata_dbserver_12.1.2.2.1_x86_64_base
libxml2-python-2.7.6-20.0.1.el6_7.1.x86_64.rpmcef59aa8aa16232a24e0ed733fa3387127f09b6e6ddd565efe94caba78de2965ELSA-2016-1292exadata_dbserver_12.1.2.2.2_x86_64_base
libxml2-python-2.7.6-20.0.1.el6_7.1.x86_64.rpmcef59aa8aa16232a24e0ed733fa3387127f09b6e6ddd565efe94caba78de2965ELSA-2016-1292exadata_dbserver_12.1.2.3.0_x86_64_base
libxml2-python-2.7.6-20.0.1.el6_7.1.x86_64.rpmcef59aa8aa16232a24e0ed733fa3387127f09b6e6ddd565efe94caba78de2965ELSA-2016-1292exadata_dbserver_12.1.2.3.1_x86_64_base
libxml2-python-2.7.6-20.0.1.el6_7.1.x86_64.rpmcef59aa8aa16232a24e0ed733fa3387127f09b6e6ddd565efe94caba78de2965ELSA-2016-1292ol6_u7_x86_64_patch
libxml2-python-2.7.6-20.0.1.el6_7.1.x86_64.rpmcef59aa8aa16232a24e0ed733fa3387127f09b6e6ddd565efe94caba78de2965ELSA-2016-1292ol6_x86_64_latest_archive
libxml2-static-2.7.6-20.0.1.el6_7.1.x86_64.rpm7bd8d6043d253762ced01231134a782e6013c72aebde65d9023778edbfbe7981ELSA-2016-1292ol6_u7_x86_64_patch
libxml2-static-2.7.6-20.0.1.el6_7.1.x86_64.rpm7bd8d6043d253762ced01231134a782e6013c72aebde65d9023778edbfbe7981ELSA-2016-1292ol6_x86_64_latest_archive



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights