libxml2-2.9.1-6.0.1.el7.AXS7.2

エラータID: AXSA:2015-924:01

Release date: 
Friday, December 11, 2015 - 11:58
Subject: 
libxml2-2.9.1-6.0.1.el7.AXS7.2
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

This library allows to manipulate XML files. It includes support
to read, modify and write XML and HTML files. There is DTDs support
this includes parsing and validation even with complex DtDs, either
at parse time or later once the document has been modified. The output
can be a simple SAX stream or and in-memory DOM like representations.
In this case one can use the built-in XPath and XPointer implementation
to select sub nodes or ranges. A flexible Input/Output mechanism is
available, with existing HTTP and FTP modules and combined to an
URI library.

Security issues fixed with this release:

CVE-2015-1819
The xmlreader in libxml allows remote attackers to cause a denial of
service (memory consumption) via crafted XML data, related to an XML
Entity Expansion (XEE) attack.
CVE-2015-5312
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-7497
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-7498
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-7499
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-7500
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-7941
libxml2 2.9.2 does not properly stop parsing invalid input, which
allows context-dependent attackers to cause a denial of service
(out-of-bounds read and libxml2 crash) via crafted XML data to the (1)
xmlParseEntityDecl or (2) xmlParseConditionalSections function in
parser.c, as demonstrated by non-terminated entities.
CVE-2015-7942
The xmlParseConditionalSections function in parser.c in libxml2 does
not properly skip intermediary entities when it stops parsing invalid
input, which allows context-dependent attackers to cause a denial of
service (out-of-bounds read and crash) via crafted XML data, a
different vulnerability than CVE-2015-7941.
CVE-2015-8241
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-8242
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-8317
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.

Solution: 

Update packages.

CVEs: 
CVE-2015-1819
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.
CVE-2015-5312
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
CVE-2015-7497
Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors.
CVE-2015-7498
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.
CVE-2015-7499
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
CVE-2015-7500
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
CVE-2015-7941
libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.
CVE-2015-7942
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.
CVE-2015-8241
The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
CVE-2015-8242
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
CVE-2015-8317
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.
Additional Info: 

N/A

Download: 

SRPMS
  1. libxml2-2.9.1-6.0.1.el7.AXS7.2.src.rpm
    MD5: deef938e4d5458721c75302af10f252d
    SHA-256: c3efd34f8e682b41d2c052a32cadeed2fec0c0cc1d4bd5b25d9cdc45e048e724
    Size: 4.99 MB

Asianux Server 7 for x86_64
  1. libxml2-2.9.1-6.0.1.el7.AXS7.2.x86_64.rpm
    MD5: 620f55e0720686a3a2354dffa4fad31c
    SHA-256: 82356b2bb07db83e66440526a94300d8efcd169cb968105e928687e1ad8bfb8a
    Size: 665.00 kB
  2. libxml2-devel-2.9.1-6.0.1.el7.AXS7.2.x86_64.rpm
    MD5: 06f22b1f90148d33e77519055c602942
    SHA-256: d0f0f021d1e6eb001eb16ab011a7c7807484c5c6e632749df8c0328bd27618d0
    Size: 1.05 MB
  3. libxml2-python-2.9.1-6.0.1.el7.AXS7.2.x86_64.rpm
    MD5: 17d305a2626cb44b71fcd1d6169aab19
    SHA-256: 8aa25996fdc9a7604037cae2a13e4bf21ab37d7e60e584cfb6f80ed65935ab45
    Size: 244.44 kB
  4. libxml2-2.9.1-6.0.1.el7.AXS7.2.i686.rpm
    MD5: ceb669335e7b45c3303913ff4784465e
    SHA-256: 2431d3e853cacd2520c027a255d249d1f990a72d5b1e14b0e4d75afa3b14680c
    Size: 650.07 kB
  5. libxml2-devel-2.9.1-6.0.1.el7.AXS7.2.i686.rpm
    MD5: 069c8ef344fc8e637aa6415f7a4bd310
    SHA-256: b3ff054b80c4b6f19a6a5db0d6e5cd9cb5e77329640a77b4cef6b45636350f25
    Size: 1.05 MB