Bugs fixes in "libxml2"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2017-18258 | The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA | 2018-08-14 |
| CVE | CVE-2016-9318 | libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current docume | 2018-08-14 |
| CVE | CVE-2017-16932 | parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. | 2018-08-14 |
| CVE | CVE-2018-14404 | A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath e | 2018-08-14 |
| CVE | CVE-2017-18258 | The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA | 2018-08-14 |
| CVE | CVE-2016-9318 | libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current docume | 2018-08-14 |
| CVE | CVE-2017-16932 | parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. | 2018-08-14 |
| CVE | CVE-2018-14404 | A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath e | 2018-08-14 |
| CVE | CVE-2017-18258 | The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA | 2018-08-14 |
| CVE | CVE-2016-9318 | libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current docume | 2018-08-14 |
| CVE | CVE-2017-15412 | use after free | 2017-12-13 |
| CVE | CVE-2017-15412 | use after free | 2017-12-13 |
| CVE | CVE-2017-16932 | parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. | 2017-12-05 |
| CVE | CVE-2017-16932 | parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. | 2017-12-05 |
| CVE | CVE-2016-5131 | Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of ser | 2017-03-16 |
| CVE | CVE-2016-4658 | libxml2 in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a | 2017-03-16 |
| CVE | CVE-2016-4448 | Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. | 2017-03-16 |
| Launchpad | 1652325 | Libxml2 2.9.3 fails to parse multi-byte character in large CDATA section that is split across buffer | 2017-03-16 |
| CVE | CVE-2016-5131 | Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of ser | 2017-03-16 |
| CVE | CVE-2016-4658 | libxml2 in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a | 2017-03-16 |
About
-
Send Feedback to @ubuntu_updates
