Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 516
Alerts This Week
Warning Icon 1 516

CentOS: CENTOS-2017-3a1c4d07bd High: Mingw-OpenSSL Security Flaw

fedora
Calendar Grey February 17, 2016
Dist Fedora Esm H88
An update for Fedora 23 has been released to fix various vulnerabilities in mingw-libxml2, which includes concerns such as memory leaks and potential buffer overflow risks.
Update to 2.9.3 which fixes various CVE's

Summary

MinGW Windows libxml2 XML processing library.

Update Information:

Update to 2.9.3 which fixes various CVE's

Change Log

References


[ 1 ] Bug #1281952 - mingw-libxml2: libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1281952 [ 2 ] Bug #1277149 - CVE-2015-8035 mingw-libxml2: libxml2: DoS when parsing specially crafted XML document if XZ support is enabled [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1277149 [ 3 ] Bug #1276299 - CVE-2015-7942 mingw-libxml2: libxml2: heap-based buffer overflow in xmlParseConditionalSections() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1276299 [ 4 ] Bug #1274225 - CVE-2015-7941 mingw-libxml2: libxml2: Out-of-bounds memory access [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1274225 [ 5 ] Bug #1262853 - mingw-libxml2: libxml2: Out-of-bounds memory access when parsing unclosed HTMl comment [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1262853

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update mingw-libxml2' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: mingw-libxml2
Product: Fedora 23
Version: 2.9.3
Release: 1.fc23
URL:
Summary: MinGW Windows libxml2 XML processing library

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.