Headline

RHSA-2023:4767: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

CVE-2016-3709: A Cross-site scripting (XSS) vulnerability was found in libxml2. A specially crafted input, when serialized and re-parsed by the libxml2 library, will result in a document with element attributes that did not exist in the original document.

12 months ago

Red Hat Security Data

Open in Source

#xss #vulnerability #linux #red_hat #ibm #sap

Synopsis

Moderate: libxml2 security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libxml2 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libxml2 library is a development toolbox providing the implementation of various XML standards.

Security Fix(es):

libxml2: Incorrect server side include parsing can lead to XSS (CVE-2016-3709)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The desktop must be restarted (log out, then log back in) for this update to take effect.

Affected Products

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
Red Hat Enterprise Linux Server - AUS 8.6 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
Red Hat Enterprise Linux Server - TUS 8.6 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

BZ - 2112766 - CVE-2016-3709 libxml2: Incorrect server side include parsing can lead to XSS

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM

libxml2-2.9.7-13.el8_6.2.src.rpm

SHA-256: eea07c2634e3a208611c537e5df61b8fc49ddff47be09c85fd719015772b839e

x86_64

libxml2-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 50a94161230ef62e84d83220121b45cea86241699972fba80e8f9f6ce4c9013a

libxml2-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 99127c52813644231a1d3b32c8cd70e58853c6aaa6529027a95090727bed4009

libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 36ec71b9b5174901379a4967c320063e968099bb3624643580a830ab0ced2bff

libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 36ec71b9b5174901379a4967c320063e968099bb3624643580a830ab0ced2bff

libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 61b02fcd23c16423549cc206dd0d72a61e87adb5551547821efb466cefc5fe5f

libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 61b02fcd23c16423549cc206dd0d72a61e87adb5551547821efb466cefc5fe5f

libxml2-debugsource-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 819ea386db5c823f3e58d8b7014db878c57e63c9413634ab62d92979eac352bf

libxml2-debugsource-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 819ea386db5c823f3e58d8b7014db878c57e63c9413634ab62d92979eac352bf

libxml2-debugsource-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 629653b683f5f2367eb7106ea50185e221bedc06cb6c710d3decc8a585717287

libxml2-debugsource-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 629653b683f5f2367eb7106ea50185e221bedc06cb6c710d3decc8a585717287

libxml2-devel-2.9.7-13.el8_6.2.i686.rpm

SHA-256: a3485cdeccc73a23ae31c070f1a5d88c5fd987442ea36bb883293bb789b111df

libxml2-devel-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 61ebb256fa055cf2a2afb22f54e70fbfaf3190313dae9638f03a34d1c32e2fea

python3-libxml2-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: cc8ab042086881314c1a3032e113ea00048e8fba99b7ba3ced480320b9791502

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 6268214f6e010ee1407a6f9711ae6962161d3fe32833775be0bebcd5681a3275

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 6268214f6e010ee1407a6f9711ae6962161d3fe32833775be0bebcd5681a3275

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: dacd15510274685de974c638f67131d4a94e634ae89e80d17223347d7130eaa8

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: dacd15510274685de974c638f67131d4a94e634ae89e80d17223347d7130eaa8

Red Hat Enterprise Linux Server - AUS 8.6

SRPM

libxml2-2.9.7-13.el8_6.2.src.rpm

SHA-256: eea07c2634e3a208611c537e5df61b8fc49ddff47be09c85fd719015772b839e

x86_64

libxml2-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 50a94161230ef62e84d83220121b45cea86241699972fba80e8f9f6ce4c9013a

libxml2-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 99127c52813644231a1d3b32c8cd70e58853c6aaa6529027a95090727bed4009

libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 36ec71b9b5174901379a4967c320063e968099bb3624643580a830ab0ced2bff

libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 36ec71b9b5174901379a4967c320063e968099bb3624643580a830ab0ced2bff

libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 61b02fcd23c16423549cc206dd0d72a61e87adb5551547821efb466cefc5fe5f

libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 61b02fcd23c16423549cc206dd0d72a61e87adb5551547821efb466cefc5fe5f

libxml2-debugsource-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 819ea386db5c823f3e58d8b7014db878c57e63c9413634ab62d92979eac352bf

libxml2-debugsource-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 819ea386db5c823f3e58d8b7014db878c57e63c9413634ab62d92979eac352bf

libxml2-debugsource-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 629653b683f5f2367eb7106ea50185e221bedc06cb6c710d3decc8a585717287

libxml2-debugsource-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 629653b683f5f2367eb7106ea50185e221bedc06cb6c710d3decc8a585717287

libxml2-devel-2.9.7-13.el8_6.2.i686.rpm

SHA-256: a3485cdeccc73a23ae31c070f1a5d88c5fd987442ea36bb883293bb789b111df

libxml2-devel-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 61ebb256fa055cf2a2afb22f54e70fbfaf3190313dae9638f03a34d1c32e2fea

python3-libxml2-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: cc8ab042086881314c1a3032e113ea00048e8fba99b7ba3ced480320b9791502

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 6268214f6e010ee1407a6f9711ae6962161d3fe32833775be0bebcd5681a3275

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 6268214f6e010ee1407a6f9711ae6962161d3fe32833775be0bebcd5681a3275

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: dacd15510274685de974c638f67131d4a94e634ae89e80d17223347d7130eaa8

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: dacd15510274685de974c638f67131d4a94e634ae89e80d17223347d7130eaa8

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM

libxml2-2.9.7-13.el8_6.2.src.rpm

SHA-256: eea07c2634e3a208611c537e5df61b8fc49ddff47be09c85fd719015772b839e

s390x

libxml2-2.9.7-13.el8_6.2.s390x.rpm

SHA-256: 635cc9d2e18912f088e3dff47419b3a40bde6f912f91697d0f8f947415c88c34

libxml2-debuginfo-2.9.7-13.el8_6.2.s390x.rpm

SHA-256: 0b5ee4a28d31529a1445aa6297b5063f42459887353b9eda2c931427899ede0c

libxml2-debuginfo-2.9.7-13.el8_6.2.s390x.rpm

SHA-256: 0b5ee4a28d31529a1445aa6297b5063f42459887353b9eda2c931427899ede0c

libxml2-debugsource-2.9.7-13.el8_6.2.s390x.rpm

SHA-256: 1d294e86113c9000d416be572a42d5ca9cdcc9370409a0850aab1e433f0ccede

libxml2-debugsource-2.9.7-13.el8_6.2.s390x.rpm

SHA-256: 1d294e86113c9000d416be572a42d5ca9cdcc9370409a0850aab1e433f0ccede

libxml2-devel-2.9.7-13.el8_6.2.s390x.rpm

SHA-256: 9ef12845bac23d0eb7557c6b39e7686b362989d434ec6db4830f606cdd23b351

python3-libxml2-2.9.7-13.el8_6.2.s390x.rpm

SHA-256: 26de33586d0fe16ad5a3a8ef2a37ab791109b9d371a211bbb4d96a865121ea7d

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.s390x.rpm

SHA-256: 9f9710bf1671f7210299263dd98be61472b1f55c2c14dcbf042ddd4133fce855

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.s390x.rpm

SHA-256: 9f9710bf1671f7210299263dd98be61472b1f55c2c14dcbf042ddd4133fce855

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM

libxml2-2.9.7-13.el8_6.2.src.rpm

SHA-256: eea07c2634e3a208611c537e5df61b8fc49ddff47be09c85fd719015772b839e

ppc64le

libxml2-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 1181e30f2a5e5e0875e56263b6279458edff93ffb6fe4ab3cdb53a26ded978a5

libxml2-debuginfo-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 027b0ef9b4392cfd8b195f6f62f55aa094ed702021e8fee4c27da3ad6388a071

libxml2-debuginfo-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 027b0ef9b4392cfd8b195f6f62f55aa094ed702021e8fee4c27da3ad6388a071

libxml2-debugsource-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 06d49b7ec9bc6bf73f05b0447409608acfbb8679f269fe1ff56081b62b0cd7a1

libxml2-debugsource-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 06d49b7ec9bc6bf73f05b0447409608acfbb8679f269fe1ff56081b62b0cd7a1

libxml2-devel-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: b6eb9ba28f379b4c8bd148383aff578451ef39f11e89f25dc9be16c903aab35f

python3-libxml2-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 9c8d139c146e67906cf51437135fa422840edca79e6f6a7372d1e6c49beb91eb

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 34c03a0d91df85dfa2aef2eaa7755136e6075a3e48a29e6a5de315fcb50f81b2

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 34c03a0d91df85dfa2aef2eaa7755136e6075a3e48a29e6a5de315fcb50f81b2

Red Hat Enterprise Linux Server - TUS 8.6

SRPM

libxml2-2.9.7-13.el8_6.2.src.rpm

SHA-256: eea07c2634e3a208611c537e5df61b8fc49ddff47be09c85fd719015772b839e

x86_64

libxml2-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 50a94161230ef62e84d83220121b45cea86241699972fba80e8f9f6ce4c9013a

libxml2-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 99127c52813644231a1d3b32c8cd70e58853c6aaa6529027a95090727bed4009

libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 36ec71b9b5174901379a4967c320063e968099bb3624643580a830ab0ced2bff

libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 36ec71b9b5174901379a4967c320063e968099bb3624643580a830ab0ced2bff

libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 61b02fcd23c16423549cc206dd0d72a61e87adb5551547821efb466cefc5fe5f

libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 61b02fcd23c16423549cc206dd0d72a61e87adb5551547821efb466cefc5fe5f

libxml2-debugsource-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 819ea386db5c823f3e58d8b7014db878c57e63c9413634ab62d92979eac352bf

libxml2-debugsource-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 819ea386db5c823f3e58d8b7014db878c57e63c9413634ab62d92979eac352bf

libxml2-debugsource-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 629653b683f5f2367eb7106ea50185e221bedc06cb6c710d3decc8a585717287

libxml2-debugsource-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 629653b683f5f2367eb7106ea50185e221bedc06cb6c710d3decc8a585717287

libxml2-devel-2.9.7-13.el8_6.2.i686.rpm

SHA-256: a3485cdeccc73a23ae31c070f1a5d88c5fd987442ea36bb883293bb789b111df

libxml2-devel-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 61ebb256fa055cf2a2afb22f54e70fbfaf3190313dae9638f03a34d1c32e2fea

python3-libxml2-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: cc8ab042086881314c1a3032e113ea00048e8fba99b7ba3ced480320b9791502

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 6268214f6e010ee1407a6f9711ae6962161d3fe32833775be0bebcd5681a3275

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 6268214f6e010ee1407a6f9711ae6962161d3fe32833775be0bebcd5681a3275

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: dacd15510274685de974c638f67131d4a94e634ae89e80d17223347d7130eaa8

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: dacd15510274685de974c638f67131d4a94e634ae89e80d17223347d7130eaa8

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

SRPM

libxml2-2.9.7-13.el8_6.2.src.rpm

SHA-256: eea07c2634e3a208611c537e5df61b8fc49ddff47be09c85fd719015772b839e

aarch64

libxml2-2.9.7-13.el8_6.2.aarch64.rpm

SHA-256: e1ce118ad10d1808509d949eabb92b00185c3bc4eec3e2656bf712b2ba7fe737

libxml2-debuginfo-2.9.7-13.el8_6.2.aarch64.rpm

SHA-256: 6626c9eb7f23979d6a4903a6e2c6c52533f0b9734d960aecf29322432a2333f5

libxml2-debuginfo-2.9.7-13.el8_6.2.aarch64.rpm

SHA-256: 6626c9eb7f23979d6a4903a6e2c6c52533f0b9734d960aecf29322432a2333f5

libxml2-debugsource-2.9.7-13.el8_6.2.aarch64.rpm

SHA-256: 86830213d32dddd6779de97814001d252bcf2329091e78bf4bc7f33f348b7675

libxml2-debugsource-2.9.7-13.el8_6.2.aarch64.rpm

SHA-256: 86830213d32dddd6779de97814001d252bcf2329091e78bf4bc7f33f348b7675

libxml2-devel-2.9.7-13.el8_6.2.aarch64.rpm

SHA-256: 51b507b1c1c8d2d6710f2378185d8894d1b5f32eb8da78a7d6833dc2368ff1ba

python3-libxml2-2.9.7-13.el8_6.2.aarch64.rpm

SHA-256: 276ded72c6efc48ed99e73097b2b8dd552f95cfc639dc1712d72032fd7587e56

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.aarch64.rpm

SHA-256: 8bdcea2a00cc96716a334ee2060bc1eedd7c381fec2556fc3a03c9fc74cdf833

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.aarch64.rpm

SHA-256: 8bdcea2a00cc96716a334ee2060bc1eedd7c381fec2556fc3a03c9fc74cdf833

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM

libxml2-2.9.7-13.el8_6.2.src.rpm

SHA-256: eea07c2634e3a208611c537e5df61b8fc49ddff47be09c85fd719015772b839e

ppc64le

libxml2-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 1181e30f2a5e5e0875e56263b6279458edff93ffb6fe4ab3cdb53a26ded978a5

libxml2-debuginfo-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 027b0ef9b4392cfd8b195f6f62f55aa094ed702021e8fee4c27da3ad6388a071

libxml2-debuginfo-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 027b0ef9b4392cfd8b195f6f62f55aa094ed702021e8fee4c27da3ad6388a071

libxml2-debugsource-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 06d49b7ec9bc6bf73f05b0447409608acfbb8679f269fe1ff56081b62b0cd7a1

libxml2-debugsource-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 06d49b7ec9bc6bf73f05b0447409608acfbb8679f269fe1ff56081b62b0cd7a1

libxml2-devel-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: b6eb9ba28f379b4c8bd148383aff578451ef39f11e89f25dc9be16c903aab35f

python3-libxml2-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 9c8d139c146e67906cf51437135fa422840edca79e6f6a7372d1e6c49beb91eb

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 34c03a0d91df85dfa2aef2eaa7755136e6075a3e48a29e6a5de315fcb50f81b2

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.ppc64le.rpm

SHA-256: 34c03a0d91df85dfa2aef2eaa7755136e6075a3e48a29e6a5de315fcb50f81b2

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM

libxml2-2.9.7-13.el8_6.2.src.rpm

SHA-256: eea07c2634e3a208611c537e5df61b8fc49ddff47be09c85fd719015772b839e

x86_64

libxml2-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 50a94161230ef62e84d83220121b45cea86241699972fba80e8f9f6ce4c9013a

libxml2-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 99127c52813644231a1d3b32c8cd70e58853c6aaa6529027a95090727bed4009

libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 36ec71b9b5174901379a4967c320063e968099bb3624643580a830ab0ced2bff

libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 36ec71b9b5174901379a4967c320063e968099bb3624643580a830ab0ced2bff

libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 61b02fcd23c16423549cc206dd0d72a61e87adb5551547821efb466cefc5fe5f

libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 61b02fcd23c16423549cc206dd0d72a61e87adb5551547821efb466cefc5fe5f

libxml2-debugsource-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 819ea386db5c823f3e58d8b7014db878c57e63c9413634ab62d92979eac352bf

libxml2-debugsource-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 819ea386db5c823f3e58d8b7014db878c57e63c9413634ab62d92979eac352bf

libxml2-debugsource-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 629653b683f5f2367eb7106ea50185e221bedc06cb6c710d3decc8a585717287

libxml2-debugsource-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 629653b683f5f2367eb7106ea50185e221bedc06cb6c710d3decc8a585717287

libxml2-devel-2.9.7-13.el8_6.2.i686.rpm

SHA-256: a3485cdeccc73a23ae31c070f1a5d88c5fd987442ea36bb883293bb789b111df

libxml2-devel-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: 61ebb256fa055cf2a2afb22f54e70fbfaf3190313dae9638f03a34d1c32e2fea

python3-libxml2-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: cc8ab042086881314c1a3032e113ea00048e8fba99b7ba3ced480320b9791502

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 6268214f6e010ee1407a6f9711ae6962161d3fe32833775be0bebcd5681a3275

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.i686.rpm

SHA-256: 6268214f6e010ee1407a6f9711ae6962161d3fe32833775be0bebcd5681a3275

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: dacd15510274685de974c638f67131d4a94e634ae89e80d17223347d7130eaa8

python3-libxml2-debuginfo-2.9.7-13.el8_6.2.x86_64.rpm

SHA-256: dacd15510274685de974c638f67131d4a94e634ae89e80d17223347d7130eaa8

Red Hat OpenShift Virtualization release 4.13.4 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.

12 months ago

Red Hat Security Data

Open in Source

#vulnerability #web #mac #linux #red_hat #dos #nodejs #js #kubernetes #aws

Red Hat Security Advisory 2023-5174-01

Red Hat Security Advisory 2023-5174-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release.

12 months ago

Packet Storm

Open in Source

#vulnerability #red_hat #auth #jira

RHSA-2023:5001: Red Hat Security Advisory: OpenShift Container Platform 4.11.49 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.49 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-46146: A flaw was found in exporter-toolkit. A request can be forged by an attacker to poison the internal cache used to cache hashes and make subsequent successful requests. This cache is ...

12 months ago

Red Hat Security Data

Open in Source

#vulnerability #web #mac #linux #red_hat #kubernetes #vmware #alibaba #oauth #auth #ibm #rpm #docker

Red Hat Security Advisory 2023-4982-01

Red Hat Security Advisory 2023-4982-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.12.6 images.

12 months ago

Packet Storm

Open in Source

#mac #red_hat #ibm

Red Hat Security Advisory 2023-0408-01

Red Hat Security Advisory 2023-0408-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include denial of service and out of bounds read vulnerabilities.

1 year ago

Packet Storm

Open in Source

#vulnerability #web #mac #windows #linux #red_hat #dos #js #kubernetes #perl #auth #ssh #rpm #docker #sap #ssl

RHSA-2023:0408: Red Hat Security Advisory: OpenShift Virtualization 4.12.0 Images security update

Red Hat OpenShift Virtualization release 4.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2021-44716: golang: net/http: limit growth of header canonicalization cache * CVE-2021-44717: golang: syscall: don't close fd 0 on ForkExec error * CVE-2022-1705: golang: net/http: improper sanitizat...

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #mac #windows #linux #red_hat #nodejs #js #java #kubernetes #perl #aws #auth #ssh #rpm #docker #sap #ssl

Red Hat Security Advisory 2022-8964-01

Red Hat Security Advisory 2022-8964-01 - The rh-sso-7/sso76-openshift-rhel8 container image and rh-sso-7/sso7-rhel8-operator operator has been updated for RHEL-8 based Middleware Containers to address the following security issues. Issues addressed include a traversal vulnerability.

1 year ago

Packet Storm

Open in Source

#vulnerability #red_hat #js #docker #jira

Red Hat Security Advisory 2022-8938-01

Red Hat Security Advisory 2022-8938-01 - Version 1.26.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.8, 4.9, 4.10, and 4.11. This release includes security and bug fixes, and enhancements.

1 year ago

Packet Storm

Open in Source

#vulnerability #ios #red_hat #ssh

RHSA-2022:8964: Red Hat Security Advisory: updated rh-sso-7/sso76-openshift-rhel8 container and operator related images

Updated rh-sso-7/sso76-openshift-rhel8 container image and rh-sso-7/sso7-rhel8-operator-bundle image is now available for RHEL-8 based Middleware Containers. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3782: keycloak: path traversal via double URL encoding * CVE-2022-3916: keycloak: Session takeover with OIDC offline refreshtokens

1 year ago

Red Hat Security Data

Open in Source

#vulnerability #web #linux #red_hat #nodejs #js #java #kubernetes #aws #ibm #docker

RHSA-2022:8750: Red Hat Security Advisory: OpenShift Virtualization 4.11.1 security and bug fix update

Red Hat OpenShift Virtualization release 4.11.1 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-38561: golang: out-of-bounds read in golang.org/x/text/language leads to DoS * CVE-2022-24675: golang: encoding/pem: fix stack overflow in Decode * CVE-2022-24921: golang: regexp: stack exhaustion via a deeply nested expression * CVE-2022-28327: golang: crypto/elliptic: panic caus...

1 year ago

Red Hat Security Data

Open in Source

#sql #vulnerability #web #mac #windows #red_hat #ssh #rpm #ssl

Red Hat Security Advisory 2022-7435-01

Red Hat Security Advisory 2022-7435-01 - An update is now available for Logging subsystem for Red Hat OpenShift 5.4. Issues addressed include a denial of service vulnerability.

1 year ago

Packet Storm

Open in Source

#vulnerability #red_hat #dos #jira

RHSA-2022:7715: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2016-3709: libxml2: Incorrect server side include parsing can lead to XSS

1 year ago

Red Hat Security Data

Open in Source

#xss #vulnerability #web #linux #red_hat #nodejs #js #java #kubernetes #aws #ibm

Ubuntu Security Notice USN-5548-1

Ubuntu Security Notice 5548-1 - It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code.

2 years ago

Packet Storm

Open in Source

#vulnerability #ubuntu

CVE-2016-3709: [xml] Incorrect server side include parsing can lead to XSS and other si

Possible cross-site scripting vulnerability in libxml after commit 960f0e2.

2 years ago

CVE

Open in Source

#xss #vulnerability #git #java #auth