RHSA-2012:0017High
Red Hat Security Advisory: libxml2 security update
🔗 CVE IDs covered (6)
📋 Description
CVE-2010-4008 — libxml2: Crash (stack frame overflow or NULL pointer dereference) by traversal of XPath axis CVE-2011-0216 — libxml2: Off-by-one error leading to heap-based buffer overflow in encoding CVE-2011-1944 — libxml2: Heap-based buffer overflow by adding new namespace node to an existing nodeset or merging nodesets CVE-2011-2834 — libxml2: double-free caused by malformed XPath expression in XSLT CVE-2011-3905 — libxml2 out of bounds read CVE-2011-3919 — libxml2: Heap-based buffer overflow when decoding an entity reference with a long name
🔗 References (9)
- selfhttps://access.redhat.com/errata/RHSA-2012:0017
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=645341
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=709747
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=724906
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=735751
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=767387
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=771896
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_0017.json