ArchLinux: 201611-2: libxml2: arbitrary code execution
Summary
- CVE-2016-4658 (arbitrary code execution)
A use-after-free vulnerability via namespace nodes in XPointer ranges
was found in libxml2.
- CVE-2016-5131 (arbitrary code execution)
Bugs in xmlXPathEvalExpr and xmlXPtrRangeToFunction can lead to a use-after-free and allow control of the instruction pointer.
Resolution
Upgrade to 2.9.4+12+ge905f08-1.
# pacman -Syu "libxml2>=2.9.4+12+ge905f08-1"
The problems have been fixed upstream but no release is available yet.
References
https://bugzilla.redhat.com/show_bug.cgi?id=1384424 https://gitlab.gnome.org/GNOME/libxml2/-/commit/c1d1f7121194036608bf555f08d3062a36fd344b https://gitlab.gnome.org/GNOME/libxml2/-/commit/9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e https://bugs.chromium.org/p/chromium/issues/detail?id=623378 https://access.redhat.com/security/cve/CVE-2016-4658 https://access.redhat.com/security/cve/CVE-2016-5131
Workaround
None.