CVE-2016-4449

Synopsis Important: Red Hat JBoss Core Services Apache HTTP 2423 Release Type/Severity Security Advisory: Important Topic Red Hat JBoss Core Services httpd 2423 is now available from the Red Hat Customer Portal for Solaris and Microsoft Windows systemsRed Hat Product Security has rated this release as ...

Several security issues were fixed in libxml2 ...

Debian Bug report logs - #823414 libxml2: CVE-2016-3705: stack overflow before detecting invalid XML file Package: src:libxml2; Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 4 May 2016 14:09:02 UTC ...

Debian Bug report logs - #813613 libxml2: Heap-buffer overread in libxml2/dictc Package: src:libxml2; Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 3 Feb 2016 17:30:02 UTC Severity: important Tags: ...

Debian Bug report logs - #812807 libxml2: CVE-2016-2073: out-of-bounds read in htmlParseNameComplex() Package: src:libxml2; Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 26 Jan 2016 19:03:02 UTC Seve ...

Debian Bug report logs - #823405 libxml2: CVE-2016-4483 Package: src:libxml2; Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 4 May 2016 12:33:02 UTC Severity: important Tags: security, upstream Foun ...

Debian Bug report logs - #819006 libxml2: CVE-2016-3627: stack exhaustion in libxml2 parsing xml files in recover mode Package: src:libxml2; Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 22 Mar 2016 1 ...

A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the permissions of the user running the application (CVE-2016-1 ...

XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parserc in libxml2 before 294, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors ...

The Log Correlation Engine (LCE) is potentially impacted by several vulnerabilities in OpenSSL (20160503), libpcre / PCRE, Libxml2, Handlebars, libcurl, and jQuery that were recently disclosed and fixed Note that due to the time involved in doing a full analysis of each issue, Tenable has opted to upgrade the included versions of each library as a ...