Advisories ยป MGASA-2015-0457

Updated libxml2 packages fix security vulnerabilities

Publication date: 26 Nov 2015
Modification date: 20 Jan 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-5312 , CVE-2015-7497 , CVE-2015-7498 , CVE-2015-7499 , CVE-2015-7500 , CVE-2015-8241 , CVE-2015-8242 , CVE-2015-8317 , CVE-2015-8710

Description

Updated libxml2 packages fix security vulnerabilities:

In libxml2 before 2.9.3, one case where when dealing with entities expansion,
it failed to exit, leading to a denial of service (CVE-2015-5312).

In libxml2 before 2.9.3, it was possible to hit a negative offset in the name
indexing used to randomize the dictionary key generation, causing a heap
buffer overflow in xmlDictComputeFastQKey (CVE-2015-7497).

In libxml2 before 2.9.3, after encoding conversion failures, the parser was
continuing to process to extract more errors, which can potentially lead to
unexpected behaviour (CVE-2015-7498).

In libxml2 before 2.9.3, the parser failed to detect a case where the current
pointer to the input was out of range, leaving it in an incoherent state
(CVE-2015-7499).

In libxml2 before 2.9.3, a memory access error could happen while processing
a start tag due to incorrect entities boundaries (CVE-2015-7500).

In libxml2 before 2.9.3, a buffer overread in xmlNextChar due to extra
processing of MarkupDecl after EOF has been reached (CVE-2015-8241).

In libxml2 before 2.9.3, stack-basedb uffer overead with HTML parser in push
mode (CVE-2015-8242).

In libxml2 before 2.9.3, out of bounds heap reads could happen due to failure
processing the encoding declaration of the XMLDecl in xmlParseEncodingDecl
(CVE-2015-8317).

In libxml2 before 2.9.3, out of bounds memory access via unclosed html
comment (CVE-2015-8710).

References

SRPMS

5/core