Synopsis
Important: Red Hat JBoss Core Services Apache HTTP 2423 Release
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Core Services httpd 2423 is now available from the Red Hat Customer Portal for Solaris and Microsoft Windows systemsRed Hat Product Security has rated this release as ...
Several security issues were fixed in libxml2 ...
Debian Bug report logs -
#823414
libxml2: CVE-2016-3705: stack overflow before detecting invalid XML file
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 4 May 2016 14:09:02 UTC
...
Debian Bug report logs -
#813613
libxml2: Heap-buffer overread in libxml2/dictc
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 3 Feb 2016 17:30:02 UTC
Severity: important
Tags: ...
Debian Bug report logs -
#812807
libxml2: CVE-2016-2073: out-of-bounds read in htmlParseNameComplex()
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 26 Jan 2016 19:03:02 UTC
Seve ...
Debian Bug report logs -
#823405
libxml2: CVE-2016-4483
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 4 May 2016 12:33:02 UTC
Severity: important
Tags: security, upstream
Foun ...
Debian Bug report logs -
#819006
libxml2: CVE-2016-3627: stack exhaustion in libxml2 parsing xml files in recover mode
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 22 Mar 2016 1 ...
Debian Bug report logs -
#863018
libxml2: CVE-2017-9050: heap-based buffer overflow in xmlDictAddString
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 May 2017 09:03:02 UTC
Se ...
A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the permissions of the user running the application (CVE-2016-1 ...
The xmlDictAddString function in libxml2 before 294, as used in Apple iOS before 932, OS X before 10115, tvOS before 921, and watchOS before 221, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document ...
The Log Correlation Engine (LCE) is potentially impacted by several vulnerabilities in OpenSSL (20160503), libpcre / PCRE, Libxml2, Handlebars, libcurl, and jQuery that were recently disclosed and fixed Note that due to the time involved in doing a full analysis of each issue, Tenable has opted to upgrade the included versions of each library as a ...