Synopsis
Important: Red Hat JBoss Core Services Apache HTTP 2423 Release
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Core Services httpd 2423 is now available from the Red Hat Customer Portal for Solaris and Microsoft Windows systemsRed Hat Product Security has rated this release as ...
Several security issues were fixed in libxml2 ...
Debian Bug report logs -
#823414
libxml2: CVE-2016-3705: stack overflow before detecting invalid XML file
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 4 May 2016 14:09:02 UTC
...
Debian Bug report logs -
#813613
libxml2: Heap-buffer overread in libxml2/dictc
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 3 Feb 2016 17:30:02 UTC
Severity: important
Tags: ...
Debian Bug report logs -
#812807
libxml2: CVE-2016-2073: out-of-bounds read in htmlParseNameComplex()
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 26 Jan 2016 19:03:02 UTC
Seve ...
Debian Bug report logs -
#823405
libxml2: CVE-2016-4483
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 4 May 2016 12:33:02 UTC
Severity: important
Tags: security, upstream
Foun ...
Debian Bug report logs -
#819006
libxml2: CVE-2016-3627: stack exhaustion in libxml2 parsing xml files in recover mode
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 22 Mar 2016 1 ...
A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the permissions of the user running the application (CVE-2016-1 ...
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parserc in libxml2 before 294, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors ...
The Log Correlation Engine (LCE) is potentially impacted by several vulnerabilities in OpenSSL (20160503), libpcre / PCRE, Libxml2, Handlebars, libcurl, and jQuery that were recently disclosed and fixed Note that due to the time involved in doing a full analysis of each issue, Tenable has opted to upgrade the included versions of each library as a ...