Updated libxml2_2 packages fix security vulnerabilities
Publication date: 24 Feb 2020Modification date: 24 Feb 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-20388 , CVE-2020-7595
Description
Updated libxml2 packages fix security vulnerabilities: xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak (CVE-2019-20388). xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation (CVE-2020-7595).
References
SRPMS
7/core
- libxml2-2.9.9-2.3.mga7