libxml2-2.9.7-13.el8.1
エラータID: AXSA:2022-3668:04
The libxml2 library is a development toolbox providing the implementation of
various XML standards.
Security Fix(es):
* libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds
write (CVE-2022-29824)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
CVE-2022-29824
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*)
and tree.c (xmlBuffer*) don't check for integer overflows. This can result in
out-of-bounds memory writes. Exploitation requires a victim to open a crafted,
multi-gigabyte XML file. Other software using libxml2's buffer functions, for
example libxslt through 1.1.35, is affected as well.
Update packages.
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.
N/A
SRPMS
- libxml2-2.9.7-13.el8.1.src.rpm
MD5: 6a5a9d05cec20974ad0386173c3b8932
SHA-256: 233b925a5acd724fe34e0c05e1edfb558b8f0325ecbc55172decc671ad5a564d
Size: 5.22 MB
Asianux Server 8 for x86_64
- libxml2-2.9.7-13.el8.1.x86_64.rpm
MD5: 52b0425a42a6852c59bc97e386069ee2
SHA-256: a180535039d2ad5303d0a9a929720ba7e2ce0e0fc1b79d2c2c9b4ba98d50c6d2
Size: 694.52 kB - libxml2-devel-2.9.7-13.el8.1.x86_64.rpm
MD5: 3b6f24485699db47186f31d909a0f463
SHA-256: fc8d1f6b605c3c4ed6d7f067870781b0ccb9054c220f7124976c14654938f41c
Size: 1.04 MB - python3-libxml2-2.9.7-13.el8.1.x86_64.rpm
MD5: d91c4359717f01221bca8ee9705f3897
SHA-256: 5113998ad22b85dc6ada0384f90f4005961895ba4e73a2f63b5262eb686ddb44
Size: 236.26 kB - libxml2-2.9.7-13.el8.1.i686.rpm
MD5: b4e36002021115f4d40f2677f86d4a71
SHA-256: 8155c7dc811d0138a14c416d254ed4831ba1fbe050b49116ed5f179dddfd8bcd
Size: 739.71 kB - libxml2-devel-2.9.7-13.el8.1.i686.rpm
MD5: 7166b7668489fa451420fc44b85a5799
SHA-256: cc5b760efc5db57507e24feac25b39f23141e11c5af8008b11c66ccc79c4b1e0
Size: 1.04 MB