Debian 11: DLA-3878-1 Critical: libxml2 XSS and Parsing Vulnerability

debian lts

September 5, 2024

Two vulnerabilities have been fixed in the XML library libxml2

Topics Covered

security advisory cross-site scripting NULL pointer libxml2 parser issue html parser Debian 11

Summary

CVE-2016-3709

HTML 4 parser cross-site scripting

CVE-2022-2309

Parser NULL pointer dereference

For Debian 11 bullseye, these problems have been fixed in version
2.9.10+dfsg-6.7+deb11u5.

We recommend that you upgrade your libxml2 packages.

For the detailed security status of libxml2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/libxml2

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Package: libxml2

Version: 2.9.10+dfsg-6.7+deb11u5

CVE ID: CVE-2016-3709 CVE-2022-2309

Debian Bug: 1039991

Topics Covered

security advisory cross-site scripting NULL pointer libxml2 parser issue html parser Debian 11

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Debian 11: DLA-3878-1 Critical: libxml2 XSS and Parsing Vulnerability

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Debian 11: DLA-3878-1 Critical: libxml2 XSS and Parsing Vulnerability

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!