openSUSE-SU-2021:0764-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2021:0764-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/openSUSE-SU-2021:0764-1
- Related
- Published
- 2021-05-22T05:03:59Z
- Modified
- 2021-05-22T05:03:59Z
- Summary
- Security update for libxml2
- Details
-
This update for libxml2 fixes the following issues:
- CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel (bsc#1185698)
- CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess (bsc#1185408).
- CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal (bsc#1185410).
- CVE-2021-3516: Fixed a use after free in entities.c:xmlEncodeEntitiesInternal (bsc#1185409).
This update was imported from the SUSE:SLE-15:Update update project.
- References
-
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/32MGTWHTQRUPYHYIAVT6OVBDWQDI36DX/
- https://bugzilla.suse.com/1185408
- https://bugzilla.suse.com/1185409
- https://bugzilla.suse.com/1185410
- https://bugzilla.suse.com/1185698
- https://www.suse.com/security/cve/CVE-2021-3516
- https://www.suse.com/security/cve/CVE-2021-3517
- https://www.suse.com/security/cve/CVE-2021-3518
- https://www.suse.com/security/cve/CVE-2021-3537
Affected packages
openSUSE:Leap 15.2 / libxml2
Package
- Name
- libxml2
- Purl
- purl:rpm/suse/libxml2&distro=openSUSE%20Leap%2015.2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.7-lp152.10.12.1
Ecosystem specific
{
"binaries": [
{
"libxml2-tools": "2.9.7-lp152.10.12.1",
"libxml2-devel-32bit": "2.9.7-lp152.10.12.1",
"libxml2-devel": "2.9.7-lp152.10.12.1",
"libxml2-2": "2.9.7-lp152.10.12.1",
"libxml2-doc": "2.9.7-lp152.10.12.1",
"python3-libxml2-python": "2.9.7-lp152.10.12.1",
"python2-libxml2-python": "2.9.7-lp152.10.12.1",
"libxml2-2-32bit": "2.9.7-lp152.10.12.1"
}
]
}
openSUSE:Leap 15.2 / python-libxml2-python
Package
- Name
- python-libxml2-python
- Purl
- purl:rpm/suse/python-libxml2-python&distro=openSUSE%20Leap%2015.2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.7-lp152.10.12.1
Ecosystem specific
{
"binaries": [
{
"libxml2-tools": "2.9.7-lp152.10.12.1",
"libxml2-devel-32bit": "2.9.7-lp152.10.12.1",
"libxml2-devel": "2.9.7-lp152.10.12.1",
"libxml2-2": "2.9.7-lp152.10.12.1",
"libxml2-doc": "2.9.7-lp152.10.12.1",
"python3-libxml2-python": "2.9.7-lp152.10.12.1",
"python2-libxml2-python": "2.9.7-lp152.10.12.1",
"libxml2-2-32bit": "2.9.7-lp152.10.12.1"
}
]
}