ELSA-2015-2550
- ULN >
- Oracle Linux Errata repository >
- ELSA-2015-2550
ELSA-2015-2550 - libxml2 security update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2015-12-07 |
Description
[2.9.1-6.0.1.el7_1.2]
- Update doc/redhat.gif in tarball
- Add libxml2-oracle-enterprise.patch and update logos in tarball
[2.9.1-6.2]
- Fix a series of CVEs (rhbz#1286496)
- CVE-2015-7941 Stop parsing on entities boundaries errors
- CVE-2015-7941 Cleanup conditional section error handling
- CVE-2015-8317 Fail parsing early on if encoding conversion failed
- CVE-2015-7942 Another variation of overflow in Conditional sections
- CVE-2015-7942 Fix an error in previous Conditional section patch
- Fix parsing short unclosed comment uninitialized access
- CVE-2015-7498 Avoid processing entities after encoding conversion failures
- CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey
- CVE-2015-5312 Another entity expansion issue
- CVE-2015-7499 Add xmlHaltParser() to stop the parser
- CVE-2015-7499 Detect incoherency on GROW
- CVE-2015-7500 Fix memory access error due to incorrect entities boundaries
- CVE-2015-8242 Buffer overead with HTML parser in push mode
- CVE-2015-1819 Enforce the reader to run in constant memory
[2.9.1-6]
- Fix missing entities after CVE-2014-3660 fix
- CVE-2014-0191 Do not fetch external parameter entities (rhbz#1195650)
- Fix regressions introduced by CVE-2014-0191 patch
[2.9.1-5.1]
- CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1149087)
Related CVEs
| CVE-2015-1819 |
| CVE-2015-5312 |
| CVE-2015-7497 |
| CVE-2015-7498 |
| CVE-2015-7499 |
| CVE-2015-7500 |
| CVE-2015-7941 |
| CVE-2015-7942 |
| CVE-2015-8241 |
| CVE-2015-8242 |
| CVE-2015-8317 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (x86_64) | libxml2-2.9.1-6.0.1.el7_2.2.src.rpm | 6fe4c7a2da8211181197d2a0efa2a4c9 | ELSA-2020-3996 |
| libxml2-2.9.1-6.0.1.el7_2.2.i686.rpm | d1bf56b6086c4ce6964735a082b87346 | ELSA-2020-3996 | |
| libxml2-2.9.1-6.0.1.el7_2.2.x86_64.rpm | 193ad97baa989321ecf6d6c43e9b3d43 | ELSA-2020-3996 | |
| libxml2-devel-2.9.1-6.0.1.el7_2.2.i686.rpm | 4341f683bb0a5f6c14eef85886c091b8 | ELSA-2020-3996 | |
| libxml2-devel-2.9.1-6.0.1.el7_2.2.x86_64.rpm | ddc3b2a9cdf5d477f64d7a1d9257afbe | ELSA-2020-3996 | |
| libxml2-python-2.9.1-6.0.1.el7_2.2.x86_64.rpm | f06da4ae348564fad22a00715120fa9b | ELSA-2020-3996 | |
| libxml2-static-2.9.1-6.0.1.el7_2.2.i686.rpm | f0cca2920c98ef223af592f5b59040e1 | ELSA-2020-3996 | |
| libxml2-static-2.9.1-6.0.1.el7_2.2.x86_64.rpm | cf9c760950f142cfdc8606037a47c8d0 | ELSA-2020-3996 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
