OVMSA-2016-0087
- ULN >
- Oracle Linux Errata repository >
- OVMSA-2016-0087
OVMSA-2016-0087 - libxml2 security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2016-06-23 |
Description
[2.7.6-21.0.1.el6.8.1]
- Update doc/redhat.gif in tarball
- Add libxml2-oracle-enterprise.patch and update logos in tarball
[2.7.6-21.el6.8.1]
- Heap-based buffer overread in xmlNextChar (CVE-2016-1762)
- Bug 763071: Heap-buffer-overflow in xmlStrncat
- Bug 757711: Heap-buffer-overflow in xmlFAParsePosCharGroup
- Bug 758588: Heap-based buffer overread in xmlParserPrintFileContextInternal
- Bug 758605: Heap-based buffer overread in xmlDictAddString
- Bug 759398: Heap use-after-free in xmlDictComputeFastKey
- Fix inappropriate fetch of entities content (CVE-2016-4449)
- Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral (CVE-2016-1837)
- Heap use-after-free in xmlSAX2AttributeNs (CVE-2016-1835)
- Heap-based buffer-underreads due to xmlParseName (CVE-2016-4447)
- Heap-based buffer overread in htmlCurrentChar (CVE-2016-1833)
- Add missing increments of recursion depth counter to XML parser. (CVE-2016-3705)
- Avoid building recursive entities (CVE-2016-3627)
- Fix some format string warnings with possible format string vulnerability (CVE-2016-4448)
- More format string warnings with possible format string vulnerability (CVE-2016-4448)
[2.7.6-21.el6.8]
- Fix large parse of file from memory (rhbz#862969)
Related CVEs
| CVE-2016-1835 |
| CVE-2016-1836 |
| CVE-2016-1837 |
| CVE-2016-1839 |
| CVE-2016-1762 |
| CVE-2016-1838 |
| CVE-2016-3705 |
| CVE-2016-4448 |
| CVE-2016-4449 |
| CVE-2016-1833 |
| CVE-2016-1840 |
| CVE-2016-1834 |
| CVE-2016-3627 |
| CVE-2016-4447 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle VM 3.3 (x86_64) | libxml2-2.7.6-21.0.1.el6_8.1.src.rpm | 20eae661a8825e4aeb4fddca6e9fda7150e7edd37fcea6055a1db8da85c7bcfd | - | ovm3_x86_64_3.3_patch |
| libxml2-2.7.6-21.0.1.el6_8.1.x86_64.rpm | 8b8227fca9a3d015e421e1ae6292365e9325e25bc9670fac043cdb3469ddd10a | - | ovm3_x86_64_3.3_patch | |
| libxml2-python-2.7.6-21.0.1.el6_8.1.x86_64.rpm | 1c3d3308c486e589cde546dc0d2c7366c41a621f4342b7fdfe616a3af3b17ec9 | - | ovm3_x86_64_3.3_patch | |
| Oracle VM 3.4 (x86_64) | libxml2-2.7.6-21.0.1.el6_8.1.src.rpm | 20eae661a8825e4aeb4fddca6e9fda7150e7edd37fcea6055a1db8da85c7bcfd | - | ovm34_x86_64_latest |
| libxml2-2.7.6-21.0.1.el6_8.1.x86_64.rpm | 8b8227fca9a3d015e421e1ae6292365e9325e25bc9670fac043cdb3469ddd10a | - | ovm34_x86_64_latest | |
| libxml2-python-2.7.6-21.0.1.el6_8.1.x86_64.rpm | 1c3d3308c486e589cde546dc0d2c7366c41a621f4342b7fdfe616a3af3b17ec9 | - | ovm34_x86_64_latest | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
