libxml2-2.9.13-1.el9.1
エラータID: AXSA:2022-3979:05
リリース日:
2022/11/02 Wednesday - 07:07
題名:
libxml2-2.9.13-1.el9.1
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- libxml2 の buf.c および tree.c に含まれるバッファー処理関数の
一部には、整数のオーバーフローの問題があるため、攻撃者により細工
された数ギガバイトの XML ファイルを介して範囲外のメモリ書き込み
を可能とする脆弱性が存在します。(CVE-2022-29824)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2022-29824
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.
追加情報:
N/A
ダウンロード:
SRPMS
- libxml2-2.9.13-1.el9.1.src.rpm
MD5: a7000ef80d1858e661ce2f3e29eea916
SHA-256: 6c098b734c414a33d81b4ded6731c6301e2b30dfaebf86c8424be45af3e95cfe
Size: 3.11 MB
Asianux Server 9 for x86_64
- libxml2-2.9.13-1.el9.1.x86_64.rpm
MD5: b147ba1ab0a8df4ca5a2dc1b97346434
SHA-256: 1196b7dada4439c17000f82262237931ef378ad5c406c759b90ff0f7ea28cb29
Size: 746.52 kB - libxml2-devel-2.9.13-1.el9.1.x86_64.rpm
MD5: cc6da0d9e3d1feb815c9cf8da6de31c1
SHA-256: 4dcf7a406fc5c70440b1d368699a80d9e76f49d9b0983c273eaea9b2c9283f42
Size: 828.08 kB - python3-libxml2-2.9.13-1.el9.1.x86_64.rpm
MD5: 89deaef06c80df140343ec6de183ffaa
SHA-256: 4efa6a2532c5281db990f1a60c31a932c8a8d1db56556b1ad7ec6e796f788aed
Size: 225.81 kB - libxml2-2.9.13-1.el9.1.i686.rpm
MD5: 5dd542aee3af911a8f5509db67245a72
SHA-256: 6990b8172c843b2cea7b0254b8f1a7eebf4a7d5a07f999e05bf455db39f26e21
Size: 784.66 kB - libxml2-devel-2.9.13-1.el9.1.i686.rpm
MD5: 1e2c2d824fac6cb510790ef83b7e339b
SHA-256: 4ea8bfc4bfc3b82748d5a96bb00f5312119df6a8397bf471508a8b02ef05e64f
Size: 828.54 kB