RHSA-2022:5250: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-29824: libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write
Red Hat Security Data

Synopsis

Moderate: libxml2 security update

Type/Severity

Security Advisory: Moderate

Topic

An update for libxml2 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libxml2 library is a development toolbox providing the implementation of various XML standards.

Security Fix(es):

  • libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write (CVE-2022-29824)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The desktop must be restarted (log out, then log back in) for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x

Fixes

  • BZ - 2082158 - CVE-2022-29824 libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write

References

  • https://access.redhat.com/security/updates/classification/#moderate

SRPM (all products listed below)

  • libxml2-2.9.13-1.el9_0.1.src.rpm

x86_64: Red Hat Enterprise Linux for x86_64 9; Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0; Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

  • libxml2-2.9.13-1.el9_0.1.i686.rpm
  • libxml2-2.9.13-1.el9_0.1.x86_64.rpm
  • libxml2-debuginfo-2.9.13-1.el9_0.1.i686.rpm
  • libxml2-debuginfo-2.9.13-1.el9_0.1.x86_64.rpm
  • libxml2-debugsource-2.9.13-1.el9_0.1.i686.rpm
  • libxml2-debugsource-2.9.13-1.el9_0.1.x86_64.rpm
  • libxml2-devel-2.9.13-1.el9_0.1.i686.rpm
  • libxml2-devel-2.9.13-1.el9_0.1.x86_64.rpm
  • python3-libxml2-2.9.13-1.el9_0.1.x86_64.rpm
  • python3-libxml2-debuginfo-2.9.13-1.el9_0.1.i686.rpm
  • python3-libxml2-debuginfo-2.9.13-1.el9_0.1.x86_64.rpm

s390x: Red Hat Enterprise Linux for IBM z Systems 9; Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0; Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0

  • libxml2-2.9.13-1.el9_0.1.s390x.rpm
  • libxml2-debuginfo-2.9.13-1.el9_0.1.s390x.rpm
  • libxml2-debugsource-2.9.13-1.el9_0.1.s390x.rpm
  • libxml2-devel-2.9.13-1.el9_0.1.s390x.rpm
  • python3-libxml2-2.9.13-1.el9_0.1.s390x.rpm
  • python3-libxml2-debuginfo-2.9.13-1.el9_0.1.s390x.rpm

ppc64le: Red Hat Enterprise Linux for Power, little endian 9; Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0; Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0

  • libxml2-2.9.13-1.el9_0.1.ppc64le.rpm
  • libxml2-debuginfo-2.9.13-1.el9_0.1.ppc64le.rpm
  • libxml2-debugsource-2.9.13-1.el9_0.1.ppc64le.rpm
  • libxml2-devel-2.9.13-1.el9_0.1.ppc64le.rpm
  • python3-libxml2-2.9.13-1.el9_0.1.ppc64le.rpm
  • python3-libxml2-debuginfo-2.9.13-1.el9_0.1.ppc64le.rpm

aarch64: Red Hat Enterprise Linux for ARM 64 9; Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0; Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0

  • libxml2-2.9.13-1.el9_0.1.aarch64.rpm
  • libxml2-debuginfo-2.9.13-1.el9_0.1.aarch64.rpm
  • libxml2-debugsource-2.9.13-1.el9_0.1.aarch64.rpm
  • libxml2-devel-2.9.13-1.el9_0.1.aarch64.rpm
  • python3-libxml2-2.9.13-1.el9_0.1.aarch64.rpm
  • python3-libxml2-debuginfo-2.9.13-1.el9_0.1.aarch64.rpm

Related news

CVE-2023-6273: December

Permission management vulnerability in the module for disabling Sound Booster. Successful exploitation of this vulnerability may cause features to perform abnormally.

RHSA-2023:4053: Red Hat Security Advisory: OpenShift Container Platform 4.11.45 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21235: A flaw was found in the VCS package, caused by improper validation of user-supplied input. By using a specially-crafted argument, a remote attacker could execute arbitrary commands o...

Red Hat Security Advisory 2023-1326-01

Red Hat Security Advisory 2023-1326-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, information leakage, out of bounds read, and remote SQL injection vulnerabilities.

CVE-2023-21954: Oracle Critical Patch Update Advisory - April 2023

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...

CVE-2022-46756: DSA-2022-335: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities

Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.

CVE-2023-21850: Oracle Critical Patch Update Advisory - January 2023

Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).

libxml2 xmlParseNameComplex Integer Overflow

libxml2 suffers from an integer overflow vulnerability in xmlParseNameComplex.

CVE-2022-21587: Oracle Critical Patch Update Advisory - October 2022

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

RHSA-2022:6696: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.6 security update and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.4.6 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_age_add * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-31150: nodejs16: CRLF injection in node-undici * CVE-2022-31151: nodejs/undici: Cookie headers uncleared on cross-origin redirect * CV...

Red Hat Security Advisory 2022-6526-01

Red Hat Security Advisory 2022-6526-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains the following OpenShift Virtualization 4.11.0 images: RHEL-8-CNV-4.11. Issues addressed include denial of service, memory leak, and out of bounds read vulnerabilities.

RHSA-2022:6429: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.4 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.4 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-28500: nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions * CVE-2021-23337: nodejs-lodash: command injection via template * CVE-2022-0512: nodejs-url-parse: authorization bypass through user-controlled key * CVE-2022-0639: npm-url-parse: Authorization Bypass Through User-Controlled Key * CVE-2022-0686: npm-url-parse: Authorization bypass thr...

Red Hat Security Advisory 2022-6348-01

Red Hat Security Advisory 2022-6348-01 - Gatekeeper is an open source project that applies the OPA Constraint Framework to enforce policies on your Kubernetes clusters. This advisory contains the container images for Gatekeeper that include bug fixes and container upgrades.

RHSA-2022:6346: Red Hat Security Advisory: RHSA: Submariner 0.13 - security and enhancement update

Submariner 0.13 packages that fix security issues and bugs, as well as adds various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions...

Red Hat Security Advisory 2022-6271-01

Red Hat Security Advisory 2022-6271-01 - This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a denial of service vulnerability.

RHSA-2022:6156: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, & bugfix update

Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.11.0 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-23440: nodejs-set-value: type confusion allows bypass of CVE-2019-10747 * CVE-2021-23566: nanoid: Information disclosure via valueOf() function * CVE-2022-0235: node-fetch: exposure of sensitive information to an unauthorized actor * CVE-2022-0536: follow-...

Red Hat Security Advisory 2022-5069-01

Red Hat Security Advisory 2022-5069-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.0. Issues addressed include code execution, cross site scripting, denial of service, information leakage, and traversal vulnerabilities.

Red Hat Security Advisory 2022-5070-01

Red Hat Security Advisory 2022-5070-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.0. Issues addressed include denial of service, out of bounds read, and traversal vulnerabilities.

Red Hat Security Advisory 2022-5909-01

Red Hat Security Advisory 2022-5909-01 - Openshift Logging Bug Fix Release. Issues addressed include denial of service and out of bounds read vulnerabilities.

Red Hat Security Advisory 2022-5908-01

Red Hat Security Advisory 2022-5908-01 - Openshift Logging Bug Fix Release. Issues addressed include denial of service and out of bounds read vulnerabilities.

RHSA-2022:5909: Red Hat Security Advisory: Openshift Logging Bug Fix and security update Release (5.2.13)

Openshift Logging Bug Fix Release (5.2.13). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS

RHSA-2022:5908: Red Hat Security Advisory: Openshift Logging Bug Fix and security update Release (5.3.10)

Openshift Logging Bug Fix Release (5.3.10). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS

RHSA-2022:5840: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.3 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.3 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1365: cross-fetch: Exposure of Private Personal Information to an Unauthorized Actor * CVE-2022-24675: golang: encoding/pem: fix stack overflow in Decode * CVE-2022-28327: golang: crypto/elliptic: panic caused by oversized scalar * CVE-2022-29526: golang: syscall: faccessat checks wrong group

Red Hat Security Advisory 2022-5531-01

Red Hat Security Advisory 2022-5531-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.1 General Availability release images, which fix security issues and bugs.

Red Hat Security Advisory 2022-5556-01

Red Hat Security Advisory 2022-5556-01 - Logging Subsystem 5.4.3 has security updates. Issues addressed include denial of service and out of bounds read vulnerabilities.

Red Hat Security Advisory 2022-5704-01

Red Hat Security Advisory 2022-5704-01 - Updated images are now available for Red Hat Advanced Cluster Security. Issues addressed include a privilege escalation vulnerability.

RHSA-2022:5704: Red Hat Security Advisory: ACS 3.71 enhancement and security update

Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes bug fixes and feature improvements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-29173: go-tuf: No protection against rollback attacks for roles other than root

Red Hat Security Advisory 2022-5673-01

Red Hat Security Advisory 2022-5673-01 - Red Hat OpenStack Platform 16.2 (Train) director operator containers, with several Important security fixes, are available for technology preview. Issues addressed include a code execution vulnerability.

RHSA-2022:5673: Red Hat Security Advisory: Release of containers for OSP 16.2.z director operator tech preview

Red Hat OpenStack Platform 16.2 (Train) director operator containers, with several Important security fixes, are available for technology preview. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-41103: containerd: insufficiently restricted permissions on container root and plugin directories * CVE-2021-43565: golang.org/x/crypto: empty plaintext packet causes panic * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)

CVE-2022-21586: Oracle Critical Patch Update Advisory - July 2022

Vulnerability in the Oracle Banking Trade Finance product of Oracle Financial Services Applications (component: Infrastructure). The supported version that is affected is 14.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Trade Finance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Banking Trade Finance accessible data as well as unauthorized access to critical data or complete access to all Oracle Banking Trade Finance accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N).

RHSA-2022:5556: Red Hat Security Advisory: Logging Subsystem 5.4.3 - Red Hat OpenShift security update

Logging Subsystem 5.4.3 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS

RHSA-2022:5531: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.5.1 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.5.1 General Availability release images, which fix security issues and bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24450: nats-server: misusing the "dynamically provisioned sandbox accounts" feature authenticated user can obtain the privileges of the System account

Red Hat Security Advisory 2022-5250-01

Red Hat Security Advisory 2022-5250-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Issues addressed include integer overflow and out of bounds write vulnerabilities.

RHSA-2022:5317: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-29824: libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write

libxml2 xmlBufAdd Heap Buffer Overflow

libxml2 is vulnerable to a heap buffer overflow when xmlBufAdd is called on a very large buffer.

Ubuntu Security Notice USN-5422-1

Ubuntu Security Notice 5422-1 - Shinji Sato discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

CVE-2022-29824: v2.9.14 · Tags · GNOME / libxml2

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.