Debian LTS: DLA-3012-1: libxml2 security update | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Sign Up
-------------------------------------------------------------------------
Debian LTS Advisory DLA-3012-1                [email protected]
https://www.debian.org/lts/security/                      Markus Koschany
May 17, 2022                                  https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : libxml2
Version        : 2.9.4+dfsg1-2.2+deb9u7
CVE ID         : CVE-2022-29824
Debian Bug     : 1010526

Felix Wilhelm discovered that libxml2, the GNOME XML library, did not correctly
check for integer overflows or used wrong types for buffer sizes. This could
result in out-of-bounds writes or other memory errors when working on large,
multi-gigabyte buffers.

For Debian 9 stretch, this problem has been fixed in version
2.9.4+dfsg1-2.2+deb9u7.

We recommend that you upgrade your libxml2 packages.

For the detailed security status of libxml2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libxml2

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Debian LTS: DLA-3012-1: libxml2 security update

May 16, 2022
Felix Wilhelm discovered that libxml2, the GNOME XML library, did not correctly check for integer overflows or used wrong types for buffer sizes

Summary


Felix Wilhelm discovered that libxml2, the GNOME XML library, did not correctly
check for integer overflows or used wrong types for buffer sizes. This could
result in out-of-bounds writes or other memory errors when working on large,
multi-gigabyte buffers.

For Debian 9 stretch, this problem has been fixed in version
2.9.4+dfsg1-2.2+deb9u7.

We recommend that you upgrade your libxml2 packages.

For the detailed security status of libxml2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libxml2

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Severity
Package : libxml2
Version : 2.9.4+dfsg1-2.2+deb9u7
CVE ID : CVE-2022-29824
Debian Bug : 1010526

Related News

Samba Patches Vulnerability That Can Lead to DoS, Remote Code Execution

Ubuntu Isn't Yet Onboard With GNOME's "Device Security" Screen

Secure Boot Disabled? GNOME Will Soon Warn You About it!

News

Advisories

HOWTOs

Features

Linux Container Security Primer
Email Phishing Using Kali Linux
Is Linux A More Secure Option Than Windows For Businesses?
How Secure Is Linux?
How To Secure Against WordPress Vulnerabilities with Predictive Analysis Detection & Automated Remediation

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy