ELSA-2015-2550

ULN >
Oracle Linux Errata repository >
ELSA-2015-2550

ELSA-2015-2550 - libxml2 security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2015-12-07

Description

[2.9.1-6.0.1.el7_1.2]
- Update doc/redhat.gif in tarball
- Add libxml2-oracle-enterprise.patch and update logos in tarball

[2.9.1-6.2]
- Fix a series of CVEs (rhbz#1286496)
- CVE-2015-7941 Stop parsing on entities boundaries errors
- CVE-2015-7941 Cleanup conditional section error handling
- CVE-2015-8317 Fail parsing early on if encoding conversion failed
- CVE-2015-7942 Another variation of overflow in Conditional sections
- CVE-2015-7942 Fix an error in previous Conditional section patch
- Fix parsing short unclosed comment uninitialized access
- CVE-2015-7498 Avoid processing entities after encoding conversion failures
- CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey
- CVE-2015-5312 Another entity expansion issue
- CVE-2015-7499 Add xmlHaltParser() to stop the parser
- CVE-2015-7499 Detect incoherency on GROW
- CVE-2015-7500 Fix memory access error due to incorrect entities boundaries
- CVE-2015-8242 Buffer overead with HTML parser in push mode
- CVE-2015-1819 Enforce the reader to run in constant memory

[2.9.1-6]
- Fix missing entities after CVE-2014-3660 fix
- CVE-2014-0191 Do not fetch external parameter entities (rhbz#1195650)
- Fix regressions introduced by CVE-2014-0191 patch

[2.9.1-5.1]
- CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1149087)

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	libxml2-2.9.1-6.0.1.el7_2.2.src.rpm	4b25ec91b03aeef7be990158c9aee3c25c84194a3876bc9941cbff971e84c049	ELSA-2025-2673	ol7_x86_64_latest_archive
	libxml2-2.9.1-6.0.1.el7_2.2.src.rpm	4b25ec91b03aeef7be990158c9aee3c25c84194a3876bc9941cbff971e84c049	ELSA-2025-2673	ol7_x86_64_optional_archive
	libxml2-2.9.1-6.0.1.el7_2.2.src.rpm	4b25ec91b03aeef7be990158c9aee3c25c84194a3876bc9941cbff971e84c049	ELSA-2025-2673	ol7_x86_64_u2_patch
	libxml2-2.9.1-6.0.1.el7_2.2.i686.rpm	caf2ac53c863ab79e89a6556acdaba0321a4a656e7552486d7e2af7c5c993ed4	ELSA-2025-2673	ol7_x86_64_latest_archive
	libxml2-2.9.1-6.0.1.el7_2.2.i686.rpm	caf2ac53c863ab79e89a6556acdaba0321a4a656e7552486d7e2af7c5c993ed4	ELSA-2025-2673	ol7_x86_64_u2_patch
	libxml2-2.9.1-6.0.1.el7_2.2.x86_64.rpm	123483a11d7a4a4e9e4080191f441b5cb2269198bb8d1e54a3a6d0f6b3b17fdb	ELSA-2025-2673	ol7_x86_64_latest_archive
	libxml2-2.9.1-6.0.1.el7_2.2.x86_64.rpm	123483a11d7a4a4e9e4080191f441b5cb2269198bb8d1e54a3a6d0f6b3b17fdb	ELSA-2025-2673	ol7_x86_64_u2_patch
	libxml2-devel-2.9.1-6.0.1.el7_2.2.i686.rpm	c816f3df114eb1c0eb3342ed9c590bebdf311acadac00d41647cb55737dd435a	ELSA-2025-2673	ol7_x86_64_latest_archive
	libxml2-devel-2.9.1-6.0.1.el7_2.2.i686.rpm	c816f3df114eb1c0eb3342ed9c590bebdf311acadac00d41647cb55737dd435a	ELSA-2025-2673	ol7_x86_64_u2_patch
	libxml2-devel-2.9.1-6.0.1.el7_2.2.x86_64.rpm	d8c9de18c5f445d79146dc3605468643cfc1bde0bc8a4376d7ec967c9b295d9b	ELSA-2025-2673	ol7_x86_64_latest_archive
	libxml2-devel-2.9.1-6.0.1.el7_2.2.x86_64.rpm	d8c9de18c5f445d79146dc3605468643cfc1bde0bc8a4376d7ec967c9b295d9b	ELSA-2025-2673	ol7_x86_64_u2_patch
	libxml2-python-2.9.1-6.0.1.el7_2.2.x86_64.rpm	74ca2c2f985c149ff55a9ea05c08fae7a849ee4352f6d6f411df9885879bff32	ELSA-2025-2673	ol7_x86_64_latest_archive
	libxml2-python-2.9.1-6.0.1.el7_2.2.x86_64.rpm	74ca2c2f985c149ff55a9ea05c08fae7a849ee4352f6d6f411df9885879bff32	ELSA-2025-2673	ol7_x86_64_u2_patch
	libxml2-static-2.9.1-6.0.1.el7_2.2.i686.rpm	5f445663fb50116f7bbda7d20d978103c6bd18d80cb3d23c4adb222f2d1dfaf1	ELSA-2025-2673	ol7_x86_64_optional_archive
	libxml2-static-2.9.1-6.0.1.el7_2.2.x86_64.rpm	f79718fd8f2f73db35be621cc9d36ee68c5ce9084a1ee9d1dec6724bb72e816d	ELSA-2025-2673	ol7_x86_64_optional_archive

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691