Debian Bug report logs - #1034436
libxml2: CVE-2023-28484
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>;
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 15 Apr 2023 09:21:01 UTC
Severity: important
Tags: security, upstream
Fo ...
Several vulnerabilities were discovered in libxml2, a library providing
support to read, modify and write XML and HTML files.
CVE-2023-28484
A NULL pointer dereference flaw when parsing invalid XML schemas may
result in denial of service.
CVE-2023-29469
It was reported that when hashing empty strings which aren't
null-terminated, x ...
A NULL pointer dereference exists when parsing (invalid) XML schemas in libxml2 xmlSchemaCheckCOSSTDerivedOK (CVE-2023-28484).
libxml2: Hashing of empty dict strings isn't deterministic. When hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results. This could lead to various logic or memory errors, ...
parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name (CVE-2017-16931).
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been ...
Description
This CVE is under investigation by Red Hat Product Security ...
Synopsis
Critical: Red Hat Advanced Cluster Management 281 security and bug fix updates
Type/Severity
Security Advisory: Critical
Topic
Red Hat Advanced Cluster Management for Kubernetes 281 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security ...
Synopsis
Moderate: libxml2 security update
Type/Severity
Security Advisory: Moderate
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 86 Extended Update Support. Red Hat Product Security has rated ...
Synopsis
Critical: Multicluster Engine for Kubernetes 227 security updates and bug fixes
Type/Severity
Security Advisory: Critical
Topic
Multicluster Engine for Kubernetes 227 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critic ...
Synopsis
Important: Migration Toolkit for Containers (MTC) 180 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
The Migration Toolkit for Containers (MTC) 180 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) ba ...
Synopsis
Important: OpenShift Virtualization 4133 Images security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4133 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a secur ...
Synopsis
Important: Migration Toolkit for Applications security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Migration Toolkit for Applications 621 release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a deta ...
Synopsis
Important: Network Observability 140 for OpenShift
Type/Severity
Security Advisory: Important
Topic
Network Observability is an OpenShift operator that deploys a monitoring pipeline to collect and enrich network flows that are produced by the Network Observability eBPF agent. The operator provides dashboards, metrics, and keeps flow ...
Synopsis
Moderate: Migration Toolkit for Containers (MTC) 1713 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
The Migration Toolkit for Containers (MTC) 1713 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) bas ...
Synopsis
Important: Self Node Remediation Operator 051 security update
Type/Severity
Security Advisory: Important
Topic
This is an updated version of the Self Node Remediation Operator. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Commo ...
Synopsis
Important: Node Health Check Operator 041
Type/Severity
Security Advisory: Important
Topic
This is an updated version of the Node Health Check Operator. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring ...
Synopsis
Important: Node Maintenance Operator 501 security update
Type/Severity
Security Advisory: Important
Topic
This is an updated version of the Node Maintenance Operator. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerab ...
Synopsis
Important: Red Hat OpenStack Platform 1711 (director-operator) security update
Type/Severity
Security Advisory: Important
Topic
An update for osp-director-agent-container, osp-director-downloader-container, osp-director-operator-bundle-container, and osp-director-operator-container is now available for Red Hat OpenStack Platform 17 ...
Synopsis
Critical: Red Hat Advanced Cluster Management 267 security and bug fix updates
Type/Severity
Security Advisory: Critical
Topic
Red Hat Advanced Cluster Management for Kubernetes 267 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security i ...
Synopsis
Moderate: OpenShift Virtualization 4126 Images
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Virtualization release 4126 is now available with updates to packages and images that fix several bugs and add enhancements
Description
OpenShift Virtualization is Red Hat's virtualization solution designed for Red ...
Synopsis
Critical: Red Hat OpenShift GitOps security update
Type/Severity
Security Advisory: Critical
Topic
An update is now available for Red Hat OpenShift GitOps 19. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ...
Synopsis
Moderate: OpenShift Container Platform 4138 bug fix and security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 4138 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Con ...
Synopsis
Moderate: libxml2 security update
Type/Severity
Security Advisory: Moderate
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a se ...
Synopsis
Moderate: Red Hat JBoss Core Services Apache HTTP Server 2457 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat JBoss Core Services Apache HTTP Server 2457 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) bas ...
Synopsis
Critical: Red Hat Advanced Cluster Management 277 security and bug fix updates
Type/Severity
Security Advisory: Critical
Topic
Red Hat Advanced Cluster Management for Kubernetes 277 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security i ...
Synopsis
Moderate: AMQ Broker 7111OPR2GA Container Images Release
Type/Severity
Security Advisory: Moderate
Topic
This is the multiarch release of the AMQ Broker 7111 aligned Operator and associated container images on Red Hat Enterprise Linux 8 for the OpenShift Container Platform. Red Hat Product Security has rated this update as havi ...
Synopsis
Important: Release of OpenShift Serverless Logic 1300 SP1 security update
Type/Severity
Security Advisory: Important
Topic
Release of OpenShift Serverless Operator 1301 and OpenShift Serverless Logic 1300 SP1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring S ...
Synopsis
Important: Red Hat OpenShift Pipelines Operator security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for OpenShift-Pipelines-111-RHEL-8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Synopsis
Important: Self Node Remediation Operator 071 security update
Type/Severity
Security Advisory: Important
Topic
This is an updated version of the Self Node Remediation Operator. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Commo ...
Synopsis
Critical: Red Hat OpenShift GitOps security update
Type/Severity
Security Advisory: Critical
Topic
An update is now available for Red Hat OpenShift GitOps 18. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ...
Synopsis
Critical: Multicluster Engine for Kubernetes 218 security updates and bug fixes
Type/Severity
Security Advisory: Critical
Topic
Multicluster Engine for Kubernetes 218 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Critica ...
Synopsis
Moderate: Release of containers for OSP 162z (Train) director Operator
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenStack Platform (RHOSP) 162z (Train) director Operator containers are now available
Description
Release of Red Hat OpenStack Platform (RHOSP) 162z (Train) provides these changes:
Solution
Before ...
Synopsis
Moderate: OpenShift API for Data Protection (OADP) 116 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
OpenShift API for Data Protection (OADP) 116 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base ...
Synopsis
Important: OpenShift Container Platform 411 low-latency extras update
Type/Severity
Security Advisory: Important
Topic
An update for cnf-tests-container, dpdk-base-container and performance-addon-operator-must-gather-rhel8-container is now available for Red Hat OpenShift Container Platform 411 Secondary scheduler builds ...
Synopsis
Important: DevWorkspace Operator 022 release
Type/Severity
Security Advisory: Important
Topic
Red Hat DevWorkspace Operator 022 has been released. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i ...
Synopsis
Important: Red Hat Single Sign-On 765 for OpenShift image enhancement and security update
Type/Severity
Security Advisory: Important
Topic
A new image is available for Red Hat Single Sign-On 765, running on OpenShift Container Platform 310 and 311, and 43. Red Hat Product Security has rated this update as having a security impa ...
Synopsis
Important: Red Hat OpenShift Pipelines 1106 release and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Pipelines 1106 has been released. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Synopsis
Important: OpenShift Container Platform 413 low-latency extras security update
Type/Severity
Security Advisory: Important
Topic
An update for cnf-tests-container, dpdk-base-container, performance-addon-operator-must-gather NUMA-aware secondary scheduler and numaresources-operator is now available for Red Hat OpenShift Container Plat ...
Synopsis
Important: Red Hat OpenShift Enterprise security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform low-latency extras release 412, which provides an update for cnf-tests-container, performance-addon-operator-must-gather-rhel8-container, NUMA-aware secondary scheduler and numaresources-opera ...
Synopsis
Important: Secondary Scheduler Operator for Red Hat OpenShift 120
Type/Severity
Security Advisory: Important
Topic
Secondary Scheduler Operator for Red Hat OpenShift 120
Description
The Secondary Scheduler Operator for Red Hat OpenShift is an optional operator that makes it possible to deploy a secondary scheduler by providing a ...
Synopsis
Important: Kernel Module Management security update
Type/Severity
Security Advisory: Important
Topic
This is an update for the Red Hat OpenShift Kernel Module Management 11 operator and images to address CVE-2023-44487 which Red Hat has assessed as being Important (see access.redhat.com/security/cve/CVE-2023-44487 for detai ...