Debian Bug report logs -
#1010526
libxml2: CVE-2022-29824: integer overflows in xmlBuf and xmlBuffer
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 3 May 2022 15:45:01 UTC
Sever ...
Several security issues were fixed in libxml2 ...
Felix Wilhelm reported that several buffer handling functions in
libxml2, a library providing support to read, modify and write XML and
HTML files, don't check for integer overflows, resulting in
out-of-bounds memory writes if specially crafted, multi-gigabyte XML
files are processed An attacker can take advantage of this flaw for
denial of servic ...
A flaw was found in the libxml2 library in functions used to manipulate the xmlBuf and the xmlBuffer types A substantial input causes values to calculate buffer sizes to overflow, resulting in an out-of-bounds write (CVE-2022-29824) ...
parserc in libxml2 before 295 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name (CVE-2017-16931)
GNOME project libxml2 v2910 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entitiesc The issue has been ...
In libxml2 before 2914, several buffer handling functions in bufc (xmlBuf*) and treec (xmlBuffer*) don't check for integer overflows This can result in out-of-bounds memory writes Exploitation requires a victim to open a crafted, multi-gigabyte XML file Other software using libxml2's buffer functions, for example libxslt through 1135, is a ...
Synopsis
Moderate: Secondary Scheduler Operator for Red Hat OpenShift 101 security update
Type/Severity
Security Advisory: Moderate
Topic
Secondary Scheduler Operator for Red Hat OpenShift 101Red Hat Product Security has rated this update as having a security impact ofModerate A Common Vulnerability Scoring System (CVSS) base score, whic ...
Synopsis
Moderate: libxml2 security update
Type/Severity
Security Advisory: Moderate
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating ...
Synopsis
Moderate: Logging Subsystem 543 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Moderate
Topic
Logging Subsystem 543 - Red Hat OpenShiftRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Synopsis
Moderate: Gatekeeper Operator v02 security and container updates
Type/Severity
Security Advisory: Moderate
Topic
Gatekeeper Operator v02 security updatesRed Hat Product Security has rated this update as having a security impactof Moderate A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity ratin ...
Synopsis
Moderate: RHSA: Submariner 013 - security and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
Submariner 013 packages that fix security issues and bugs, as well as adds various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 26Red Hat Product Security has rated ...
Synopsis
Moderate: OpenShift API for Data Protection (OADP) 104 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
OpenShift API for Data Protection (OADP) 104 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Synopsis
Critical: Red Hat Advanced Cluster Management 246 security update and bug fixes
Type/Severity
Security Advisory: Critical
Topic
Red Hat Advanced Cluster Management for Kubernetes 246 GeneralAvailability release images, which fix bugs and update container imagesRed Hat Product Security has rated this update as having a security i ...
Synopsis
Moderate: Openshift Logging Bug Fix and security update Release (5310)
Type/Severity
Security Advisory: Moderate
Topic
Openshift Logging Bug Fix Release (5310)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed seve ...
Synopsis
Moderate: ACS 371 enhancement and security update
Type/Severity
Security Advisory: Moderate
Topic
Updated images are now available for Red Hat Advanced Cluster Security The updated image includes bug fixes and feature improvementsRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulne ...
Synopsis
Moderate: Openshift Logging Bug Fix and security update Release (5213)
Type/Severity
Security Advisory: Moderate
Topic
Openshift Logging Bug Fix Release (5213)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed seve ...
Synopsis
Important: Release of containers for OSP 162z director operator tech preview
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenStack Platform 162 (Train) director operator containers, with several Important security fixes, are available for technology preview
Description
Release osp-director-operator imagesSecurity F ...
Synopsis
Moderate: New container image for Red Hat Ceph Storage 52 Security update
Type/Severity
Security Advisory: Moderate
Topic
A new container image for Red Hat Ceph Storage 52 is now available in the Red Hat Ecosystem CatalogRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 2312 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 2312 GeneralAvailability release images, which provide security updates and bug fixesRed Hat Product Security has rated this update as having a secur ...
Synopsis
Moderate: OpenShift API for Data Protection (OADP) 110 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
OpenShift API for Data Protection (OADP) 110 is now availableRed Hat Product Security has rated this update as having a security impactof Moderate A Common Vulnerability Scoring System (CVSS) base s ...
Synopsis
Important: OpenShift Virtualization 4110 Images security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4110 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a secur ...
Synopsis
Important: OpenShift Container Platform 4110 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 4110 is now available withupdates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Co ...
Synopsis
Moderate: Migration Toolkit for Containers (MTC) 173 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
The Migration Toolkit for Containers (MTC) 173 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Synopsis
Moderate: OpenShift Container Platform 4110 extras and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 4110 is now available withupdates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Conta ...
Synopsis
Important: Red Hat OpenShift Data Foundation 4110 security, enhancement, & bugfix update
Type/Severity
Security Advisory: Important
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4110 on Red Hat Enterprise Linux 8Red Hat Product Securit ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 251 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 251 GeneralAvailability release images, which fix security issues and bugsRed Hat Product Security has rated this update as having a security impactof ...
Synopsis
Important: Release of OpenShift Serverless 1240
Type/Severity
Security Advisory: Important
Topic
Release of OpenShift Serverless 1240The References section contains CVE links providing detailed severity ratingsfor each vulnerability Ratings are based on a Common Vulnerability ScoringSystem (CVSS) base score
Description
Versio ...
Synopsis
Important: OpenShift Container Platform 41145 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 41145 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift ...
Synopsis
Important: Migration Toolkit for Containers (MTC) 174 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
The Migration Toolkit for Containers (MTC) 174 is now availableRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) ba ...
Integer overflow in xmlBuf (bufc) and xmlBuffer (treec) can lead to out-of-bounds memory writes exploitable when parsing crafted multi-gigabyte xml files ...
LTC-102 has been updated in the LTC (Long Term Support Candidate) channel to 10205005153 (Platform Version: 146951140) for most ChromeOS devices Want to know more about Long-term Support? Click here This update includes the following Security fixes:1335458 Critical CVE-2022-2156 Use ...
LTS-96 has been updated in the LTS channel to 9604664215 (Platform Version: 14268940) for most ChromeOS devices Want to know more about Long-term Support? Click here This update includes the following Security fixes:1325298 High CVE-2022-2010 Out of bounds read in compositing1302959 & ...
validc in libxml2 before 2913 has a use-after-free of ID and IDREF attributes (CVE-2022-23308)
A flaw was found in the libxml2 library in functions used to manipulate the xmlBuf and the xmlBuffer types A substantial input causes values to calculate buffer sizes to overflow, resulting in an out-of-bounds write (CVE-2022-29824) ...
validc in libxml2 before 2913 has a use-after-free of ID and IDREF attributes (CVE-2022-23308)
A flaw was found in the libxml2 library in functions used to manipulate the xmlBuf and the xmlBuffer types A substantial input causes values to calculate buffer sizes to overflow, resulting in an out-of-bounds write (CVE-2022-29824) ...