Package "python3-libxml2"
Name: |
python3-libxml2
|
Description: |
GNOME XML library - Python3 bindings
|
Latest version: |
2.9.14+dfsg-1.1ubuntu0.1 |
Release: |
lunar (23.04) |
Level: |
updates |
Repository: |
universe |
Head package: |
libxml2 |
Homepage: |
http://xmlsoft.org |
Links
Download "python3-libxml2"
Other versions of "python3-libxml2" in Lunar
Changelog
libxml2 (2.9.14+dfsg-1.1ubuntu0.1) lunar-security; urgency=medium
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2022-2309.patch: reset nsNr in
xmlCtxReset in parser.c (LP: #1996494).
- CVE-2022-2309
* SECURITY UPDATE: Null dereference
- debian/patches/CVE-2023-28484-*.patch: Fix null-pointer-deref in
xmlSchemaCheckCOSSTDerivedOK and xmlSchemaFixupComplexType
when parsing (invalid) XML schemas in
result/schemas/oss-fuzz-51295_0_0.err,
test/schemas/oss-fuzz-51295_0.xml,
test/schemas/oss-fuzz-51295_0.xsd,
xmlschemas.c.
- CVE-2023-28484
* SECURITY UPDATE: Logic or memory errors and double frees
- debian/patches/CVE-2023-29469.patch: check namelen less equal zero in
dict.c.
- CVE-2023-29469
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 06 Jun 2023 13:24:32 -0300
|
1996494 |
CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application crash) |
CVE-2022-2309 |
NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libx |
CVE-2023-28484 |
NULL dereference in xmlSchemaFixupComplexType |
CVE-2023-29469 |
Hashing of empty dict strings isn't deterministic |
|
About
-
Send Feedback to @ubuntu_updates