Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves one vulnerability can now be installed.. # Security update for libxml2 Announcement ID: SUSE-SU-2026:3095-1 Release Date: 2026-07-17T11:38:38Z Rating: important References: * bsc#1269790 Cross-References: * CVE-2026-11979 CVSS scores: * CVE-2026-11979 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-11979 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-11979 ( NVD ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:L/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-11979 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for libxml2 fixes the following issue * CVE-2026-11979: stack-based buffer overflows in the `xmlcatalog` utility when running in `--shell` mode (bsc#1269790). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-3095=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-3095=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-3095=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-3095=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-3095=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-3095=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-3095=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-3095=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-3095=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libxml2-devel-2.9.14-150400.5.58.1 * python3-libxml2-2.9.14-150400.5.58.1 * libxml2-tools-2.9.14-150400.5.58.1 * python311-libxml2-2.9.14-150400.5.58.1 * libxml2-2-debuginfo-2.9.14-150400.5.58.1 * python3-libxml2-debuginfo-2.9.14-150400.5.58.1 * libxml2-tools-debuginfo-2.9.14-150400.5.58.1 * python311-libxml2-debuginfo-2.9.14-150400.5.58.1 * libxml2-2-2.9.14-150400.5.58.1 * libxml2-debugsource-2.9.14-150400.5.58.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libxml2-2-32bit-debuginfo-2.9.14-150400.5.58.1 * libxml2-2-32bit-2.9.14-150400.5.58.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * python3-libxml2-2.9.14-150400.5.58.1 * libxml2-debugsource-2.9.14-150400.5.58.1 * libxml2-2-debuginfo-2.9.14-150400.5.58.1 * python3-libxml2-debuginfo-2.9.14-150400.5.58.1 * libxml2-python-debugsource-2.9.14-150400.5.58.1 * libxml2-tools-debuginfo-2.9.14-150400.5.58.1 * libxml2-2-2.9.14-150400.5.58.1 * libxml2-tools-2.9.14-150400.5.58.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * python3-libxml2-2.9.14-150400.5.58.1 * libxml2-debugsource-2.9.14-150400.5.58.1 *libxml2-2-debuginfo-2.9.14-150400.5.58.1 * python3-libxml2-debuginfo-2.9.14-150400.5.58.1 * libxml2-python-debugsource-2.9.14-150400.5.58.1 * libxml2-tools-debuginfo-2.9.14-150400.5.58.1 * libxml2-2-2.9.14-150400.5.58.1 * libxml2-tools-2.9.14-150400.5.58.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * libxml2-devel-2.9.14-150400.5.58.1 * python3-libxml2-2.9.14-150400.5.58.1 * libxml2-debugsource-2.9.14-150400.5.58.1 * python311-libxml2-2.9.14-150400.5.58.1 * libxml2-2-debuginfo-2.9.14-150400.5.58.1 * python3-libxml2-debuginfo-2.9.14-150400.5.58.1 * libxml2-python-debugsource-2.9.14-150400.5.58.1 * libxml2-tools-debuginfo-2.9.14-150400.5.58.1 * python311-libxml2-debuginfo-2.9.14-150400.5.58.1 * libxml2-2-2.9.14-150400.5.58.1 * libxml2-tools-2.9.14-150400.5.58.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libxml2-2-64bit-debuginfo-2.9.14-150400.5.58.1 * libxml2-2-64bit-2.9.14-150400.5.58.1 * libxml2-devel-64bit-2.9.14-150400.5.58.1 * openSUSE Leap 15.4 (noarch) * libxml2-doc-2.9.14-150400.5.58.1 * openSUSE Leap 15.4 (x86_64) * libxml2-2-32bit-debuginfo-2.9.14-150400.5.58.1 * libxml2-2-32bit-2.9.14-150400.5.58.1 * libxml2-devel-32bit-2.9.14-150400.5.58.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libxml2-devel-2.9.14-150400.5.58.1 * python3-libxml2-2.9.14-150400.5.58.1 * libxml2-debugsource-2.9.14-150400.5.58.1 * python311-libxml2-2.9.14-150400.5.58.1 * libxml2-2-debuginfo-2.9.14-150400.5.58.1 * python3-libxml2-debuginfo-2.9.14-150400.5.58.1 * libxml2-tools-debuginfo-2.9.14-150400.5.58.1 * python311-libxml2-debuginfo-2.9.14-150400.5.58.1 * libxml2-2-2.9.14-150400.5.58.1 * libxml2-tools-2.9.14-150400.5.58.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libxml2-2-32bit-debuginfo-2.9.14-150400.5.58.1 * libxml2-2-32bit-2.9.14-150400.5.58.1 * SUSE Linux Enterprise Server for SAPApplications 15 SP4 (ppc64le x86_64) * libxml2-devel-2.9.14-150400.5.58.1 * python3-libxml2-2.9.14-150400.5.58.1 * libxml2-debugsource-2.9.14-150400.5.58.1 * python311-libxml2-2.9.14-150400.5.58.1 * libxml2-2-debuginfo-2.9.14-150400.5.58.1 * python3-libxml2-debuginfo-2.9.14-150400.5.58.1 * libxml2-tools-debuginfo-2.9.14-150400.5.58.1 * python311-libxml2-debuginfo-2.9.14-150400.5.58.1 * libxml2-2-2.9.14-150400.5.58.1 * libxml2-tools-2.9.14-150400.5.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libxml2-2-32bit-debuginfo-2.9.14-150400.5.58.1 * libxml2-2-32bit-2.9.14-150400.5.58.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * python3-libxml2-2.9.14-150400.5.58.1 * libxml2-tools-2.9.14-150400.5.58.1 * libxml2-2-debuginfo-2.9.14-150400.5.58.1 * python3-libxml2-debuginfo-2.9.14-150400.5.58.1 * libxml2-python-debugsource-2.9.14-150400.5.58.1 * libxml2-tools-debuginfo-2.9.14-150400.5.58.1 * libxml2-2-2.9.14-150400.5.58.1 * libxml2-debugsource-2.9.14-150400.5.58.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * python3-libxml2-2.9.14-150400.5.58.1 * libxml2-tools-2.9.14-150400.5.58.1 * libxml2-2-debuginfo-2.9.14-150400.5.58.1 * python3-libxml2-debuginfo-2.9.14-150400.5.58.1 * libxml2-python-debugsource-2.9.14-150400.5.58.1 * libxml2-tools-debuginfo-2.9.14-150400.5.58.1 * libxml2-2-2.9.14-150400.5.58.1 * libxml2-debugsource-2.9.14-150400.5.58.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libxml2-devel-2.9.14-150400.5.58.1 * python3-libxml2-2.9.14-150400.5.58.1 * libxml2-debugsource-2.9.14-150400.5.58.1 * python311-libxml2-2.9.14-150400.5.58.1 * libxml2-2-debuginfo-2.9.14-150400.5.58.1 * python3-libxml2-debuginfo-2.9.14-150400.5.58.1 * libxml2-tools-debuginfo-2.9.14-150400.5.58.1 * python311-libxml2-debuginfo-2.9.14-150400.5.58.1 * libxml2-2-2.9.14-150400.5.58.1 * libxml2-tools-2.9.14-150400.5.58.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libxml2-2-32bit-debuginfo-2.9.14-150400.5.58.1 * libxml2-2-32bit-2.9.14-150400.5.58.1 ## References: * https://www.suse.com/security/cve/CVE-2026-11979.html * https://bugzilla.suse.com/show_bug.cgi?id=1269790 . Update for openSUSE libxml2 addresses important buffer overflow issue, available for various versions.. OpenSUSE libxml2 update, Security advisory for libxml2, buffer overflow fix. . Severity: Important. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # Security update for libxml2 Announcement ID: SUSE-SU-2026:3096-1 Release Date: 2026-07-17T11:39:17Z Rating: important References: * bsc#1269790 Cross-References: * CVE-2026-11979 CVSS scores: * CVE-2026-11979 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-11979 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-11979 ( NVD ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:L/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-11979 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for libxml2 fixes the following issue * CVE-2026-11979: stack-based buffer overflows in the `xmlcatalog` utility when running in `--shell` mode (bsc#1269790). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-3096=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patchSUSE-SLE-Product-SLES_SAP-15-SP5-2026-3096=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-3096=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-3096=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-3096=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-3096=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-3096=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-3096=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libxml2-python-debugsource-2.10.3-150500.5.41.1 * python311-libxml2-2.10.3-150500.5.41.1 * python311-libxml2-debuginfo-2.10.3-150500.5.41.1 * libxml2-debugsource-2.10.3-150500.5.41.1 * libxml2-2-2.10.3-150500.5.41.1 * libxml2-devel-2.10.3-150500.5.41.1 * python3-libxml2-2.10.3-150500.5.41.1 * libxml2-2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-debuginfo-2.10.3-150500.5.41.1 * python3-libxml2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-2.10.3-150500.5.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libxml2-2-32bit-2.10.3-150500.5.41.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.41.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libxml2-python-debugsource-2.10.3-150500.5.41.1 * libxml2-debugsource-2.10.3-150500.5.41.1 * libxml2-2-2.10.3-150500.5.41.1 * python3-libxml2-2.10.3-150500.5.41.1 * libxml2-2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-debuginfo-2.10.3-150500.5.41.1 * python3-libxml2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-2.10.3-150500.5.41.1 * openSUSE Leap 15.5 (aarch64 i586 ppc64le s390x x86_64) * libxml2-python-debugsource-2.10.3-150500.5.41.1 *python311-libxml2-2.10.3-150500.5.41.1 * python311-libxml2-debuginfo-2.10.3-150500.5.41.1 * libxml2-debugsource-2.10.3-150500.5.41.1 * libxml2-2-2.10.3-150500.5.41.1 * libxml2-devel-2.10.3-150500.5.41.1 * python3-libxml2-2.10.3-150500.5.41.1 * libxml2-2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-debuginfo-2.10.3-150500.5.41.1 * python3-libxml2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-2.10.3-150500.5.41.1 * openSUSE Leap 15.5 (x86_64) * libxml2-devel-32bit-2.10.3-150500.5.41.1 * libxml2-2-32bit-2.10.3-150500.5.41.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.41.1 * openSUSE Leap 15.5 (noarch) * libxml2-doc-2.10.3-150500.5.41.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libxml2-2-64bit-debuginfo-2.10.3-150500.5.41.1 * libxml2-2-64bit-2.10.3-150500.5.41.1 * libxml2-devel-64bit-2.10.3-150500.5.41.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libxml2-python-debugsource-2.10.3-150500.5.41.1 * python311-libxml2-2.10.3-150500.5.41.1 * python311-libxml2-debuginfo-2.10.3-150500.5.41.1 * libxml2-debugsource-2.10.3-150500.5.41.1 * libxml2-2-2.10.3-150500.5.41.1 * libxml2-devel-2.10.3-150500.5.41.1 * python3-libxml2-2.10.3-150500.5.41.1 * libxml2-2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-debuginfo-2.10.3-150500.5.41.1 * python3-libxml2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-2.10.3-150500.5.41.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libxml2-2-32bit-2.10.3-150500.5.41.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.41.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * libxml2-python-debugsource-2.10.3-150500.5.41.1 * python311-libxml2-2.10.3-150500.5.41.1 * python311-libxml2-debuginfo-2.10.3-150500.5.41.1 * libxml2-debugsource-2.10.3-150500.5.41.1 * libxml2-2-2.10.3-150500.5.41.1 * libxml2-devel-2.10.3-150500.5.41.1 * python3-libxml2-2.10.3-150500.5.41.1 *libxml2-2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-debuginfo-2.10.3-150500.5.41.1 * python3-libxml2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-2.10.3-150500.5.41.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * libxml2-2-32bit-2.10.3-150500.5.41.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * libxml2-python-debugsource-2.10.3-150500.5.41.1 * python311-libxml2-2.10.3-150500.5.41.1 * python311-libxml2-debuginfo-2.10.3-150500.5.41.1 * libxml2-debugsource-2.10.3-150500.5.41.1 * libxml2-2-2.10.3-150500.5.41.1 * libxml2-devel-2.10.3-150500.5.41.1 * python3-libxml2-2.10.3-150500.5.41.1 * libxml2-2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-debuginfo-2.10.3-150500.5.41.1 * python3-libxml2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-2.10.3-150500.5.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * libxml2-2-32bit-2.10.3-150500.5.41.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libxml2-python-debugsource-2.10.3-150500.5.41.1 * python311-libxml2-2.10.3-150500.5.41.1 * python311-libxml2-debuginfo-2.10.3-150500.5.41.1 * libxml2-debugsource-2.10.3-150500.5.41.1 * libxml2-2-2.10.3-150500.5.41.1 * libxml2-devel-2.10.3-150500.5.41.1 * python3-libxml2-2.10.3-150500.5.41.1 * libxml2-2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-debuginfo-2.10.3-150500.5.41.1 * python3-libxml2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-2.10.3-150500.5.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libxml2-2-32bit-2.10.3-150500.5.41.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libxml2-2-32bit-2.10.3-150500.5.41.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.41.1 * SUSELinux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libxml2-python-debugsource-2.10.3-150500.5.41.1 * python311-libxml2-2.10.3-150500.5.41.1 * python311-libxml2-debuginfo-2.10.3-150500.5.41.1 * libxml2-debugsource-2.10.3-150500.5.41.1 * libxml2-2-2.10.3-150500.5.41.1 * libxml2-devel-2.10.3-150500.5.41.1 * python3-libxml2-2.10.3-150500.5.41.1 * libxml2-2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-debuginfo-2.10.3-150500.5.41.1 * python3-libxml2-debuginfo-2.10.3-150500.5.41.1 * libxml2-tools-2.10.3-150500.5.41.1 ## References: * https://www.suse.com/security/cve/CVE-2026-11979.html * https://bugzilla.suse.com/show_bug.cgi?id=1269790 . The update for libxml2 addresses a critical buffer overflow issue that poses security risks with strong recommendations for users.. openSUSE security, libxml2 update, buffer overflow, important patch. . Severity: Important. LinuxSecurity.com Team
Low: libxml2 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:39304", "synopsis": "Low: libxml2 security update", "severity": "SEVERITY_LOW", "topic": "An update is available for libxml2.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling (CVE-2025-6170)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2372952", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2372952", "description": ""}], "cves": [{"name": "CVE-2025-6170", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6170", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "cvss3BaseScore": "2.5", "cwe": "CWE-121"}], "references": [], "publishedAt": "2026-07-15T12:06:01.640959Z", "rpms": {"Rocky Linux 10": {"nvras": ["libxml2-static-0:2.12.5-10.el10_2.2.s390x.rpm", "python3-libxml2-debuginfo-0:2.12.5-10.el10_2.2.x86_64.rpm", "python3-libxml2-0:2.12.5-10.el10_2.2.aarch64.rpm", "libxml2-static-0:2.12.5-10.el10_2.2.aarch64.rpm", "libxml2-0:2.12.5-10.el10_2.2.aarch64.rpm", "libxml2-static-0:2.12.5-10.el10_2.2.x86_64.rpm", "libxml2-debuginfo-0:2.12.5-10.el10_2.2.ppc64le.rpm", "libxml2-debuginfo-0:2.12.5-10.el10_2.2.s390x.rpm", "libxml2-debuginfo-0:2.12.5-10.el10_2.2.x86_64.rpm", "libxml2-debugsource-0:2.12.5-10.el10_2.2.x86_64.rpm", "libxml2-debugsource-0:2.12.5-10.el10_2.2.aarch64.rpm", "libxml2-static-0:2.12.5-10.el10_2.2.ppc64le.rpm","libxml2-0:2.12.5-10.el10_2.2.s390x.rpm", "python3-libxml2-debuginfo-0:2.12.5-10.el10_2.2.ppc64le.rpm", "libxml2-debugsource-0:2.12.5-10.el10_2.2.s390x.rpm", "python3-libxml2-debuginfo-0:2.12.5-10.el10_2.2.aarch64.rpm", "python3-libxml2-0:2.12.5-10.el10_2.2.ppc64le.rpm", "libxml2-devel-0:2.12.5-10.el10_2.2.x86_64.rpm", "python3-libxml2-0:2.12.5-10.el10_2.2.s390x.rpm", "libxml2-0:2.12.5-10.el10_2.2.ppc64le.rpm", "python3-libxml2-debuginfo-0:2.12.5-10.el10_2.2.s390x.rpm", "libxml2-devel-0:2.12.5-10.el10_2.2.s390x.rpm", "libxml2-debuginfo-0:2.12.5-10.el10_2.2.aarch64.rpm", "libxml2-0:2.12.5-10.el10_2.2.x86_64.rpm", "libxml2-devel-0:2.12.5-10.el10_2.2.aarch64.rpm", "libxml2-devel-0:2.12.5-10.el10_2.2.ppc64le.rpm", "libxml2-debugsource-0:2.12.5-10.el10_2.2.ppc64le.rpm", "libxml2-0:2.12.5-10.el10_2.2.src.rpm", "python3-libxml2-0:2.12.5-10.el10_2.2.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A new low-severity update for libxml2 addresses a buffer overflow issue impacting Rocky Linux 10 with CVE-2025-6170.. libxml2 security update, rocky linux advisory, libxml2 buffer overflow. . Severity: Low. LinuxSecurity.com Team
Low: libxml2 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:39317", "synopsis": "Low: libxml2 security update", "severity": "SEVERITY_LOW", "topic": "An update is available for libxml2.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling (CVE-2025-6170)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2372952", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2372952", "description": ""}], "cves": [{"name": "CVE-2025-6170", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6170", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L", "cvss3BaseScore": "2.5", "cwe": "CWE-121"}], "references": [], "publishedAt": "2026-07-15T12:03:43.176942Z", "rpms": {"Rocky Linux 9": {"nvras": ["libxml2-0:2.9.13-14.el9_8.2.aarch64.rpm", "libxml2-0:2.9.13-14.el9_8.2.i686.rpm", "libxml2-0:2.9.13-14.el9_8.2.ppc64le.rpm", "libxml2-0:2.9.13-14.el9_8.2.s390x.rpm", "libxml2-0:2.9.13-14.el9_8.2.src.rpm", "libxml2-0:2.9.13-14.el9_8.2.x86_64.rpm", "libxml2-debuginfo-0:2.9.13-14.el9_8.2.aarch64.rpm", "libxml2-debuginfo-0:2.9.13-14.el9_8.2.i686.rpm", "libxml2-debuginfo-0:2.9.13-14.el9_8.2.ppc64le.rpm", "libxml2-debuginfo-0:2.9.13-14.el9_8.2.s390x.rpm", "libxml2-debuginfo-0:2.9.13-14.el9_8.2.x86_64.rpm", "libxml2-debugsource-0:2.9.13-14.el9_8.2.aarch64.rpm", "libxml2-debugsource-0:2.9.13-14.el9_8.2.i686.rpm","libxml2-debugsource-0:2.9.13-14.el9_8.2.ppc64le.rpm", "libxml2-debugsource-0:2.9.13-14.el9_8.2.s390x.rpm", "libxml2-debugsource-0:2.9.13-14.el9_8.2.x86_64.rpm", "libxml2-devel-0:2.9.13-14.el9_8.2.aarch64.rpm", "libxml2-devel-0:2.9.13-14.el9_8.2.i686.rpm", "libxml2-devel-0:2.9.13-14.el9_8.2.ppc64le.rpm", "libxml2-devel-0:2.9.13-14.el9_8.2.s390x.rpm", "libxml2-devel-0:2.9.13-14.el9_8.2.x86_64.rpm", "python3-libxml2-0:2.9.13-14.el9_8.2.aarch64.rpm", "python3-libxml2-0:2.9.13-14.el9_8.2.ppc64le.rpm", "python3-libxml2-0:2.9.13-14.el9_8.2.s390x.rpm", "python3-libxml2-0:2.9.13-14.el9_8.2.x86_64.rpm", "python3-libxml2-debuginfo-0:2.9.13-14.el9_8.2.aarch64.rpm", "python3-libxml2-debuginfo-0:2.9.13-14.el9_8.2.ppc64le.rpm", "python3-libxml2-debuginfo-0:2.9.13-14.el9_8.2.s390x.rpm", "python3-libxml2-debuginfo-0:2.9.13-14.el9_8.2.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A low severity security update is available for libxml2 in Rocky Linux 9 to fix a stack buffer overflow issue.. Rocky Linux security update, libxml2 low severity, buffer overflow fix. . Severity: Low. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-39317 http://linux.oracle.com/errata/ELSA-2026-39317.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: libxml2-2.9.13-14.el9_8.2.i686.rpm libxml2-2.9.13-14.el9_8.2.x86_64.rpm libxml2-devel-2.9.13-14.el9_8.2.i686.rpm libxml2-devel-2.9.13-14.el9_8.2.x86_64.rpm python3-libxml2-2.9.13-14.el9_8.2.x86_64.rpm aarch64: libxml2-2.9.13-14.el9_8.2.aarch64.rpm libxml2-devel-2.9.13-14.el9_8.2.aarch64.rpm python3-libxml2-2.9.13-14.el9_8.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/libxml2-2.9.13-14.el9_8.2.src.rpm Related CVEs: CVE-2025-6170 Description of changes: [2.9.13-14.2] - Fix CVE-2025-6170 (RHEL-182016) _______________________________________________ El-errata mailing list
An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed.. openSUSE security update: security update for libxml2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21317-1 Rating: important References: * bsc#1262719 * bsc#1269790 Cross-References: * CVE-2026-11979 * CVE-2026-6732 CVSS scores: * CVE-2026-11979 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-11979 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-6732 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6732 ( SUSE ): 6 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed. Description: This update for libxml2 fixes the following issues - CVE-2026-6732: crafted XSD-validated document can cause a denial of service (bsc#1262719). - CVE-2026-11979: stack-based buffer overflows in the `xmlcatalog` utility when running in `--shell` mode (bsc#1269790). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-1220=1 Package List: - openSUSE Leap 16.0: libxml2-2-2.13.8-160000.5.1 libxml2-devel-2.13.8-160000.5.1 libxml2-doc-2.13.8-160000.5.1 libxml2-tools-2.13.8-160000.5.1 python313-libxml2-2.13.8-160000.5.1 References: * https://www.suse.com/security/cve/CVE-2026-11979.html * https://www.suse.com/security/cve/CVE-2026-6732.html . This openSUSE security update addresses important issues in libxml2, fixing vulnerabilities and bugs that could compromise system stability.. openSUSE security, libxml2 update, denial of service, stackoverflow. . Severity: Important. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # libxml2-16-2.15.3-2.1 on GA media Announcement ID: openSUSE-SU-2026:11258-1 Rating: moderate Cross-References: * CVE-2026-11979 CVSS scores: * CVE-2026-11979 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-11979 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the libxml2-16-2.15.3-2.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * libxml2-16 2.15.3-2.1 * libxml2-16-32bit 2.15.3-2.1 * libxml2-devel 2.15.3-2.1 * libxml2-devel-32bit 2.15.3-2.1 * libxml2-tools 2.15.3-2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-11979.html . Update available for openSUSE Tumbleweed addressing a moderate vulnerability impacting libxml2 packages.. openSUSE Tumbleweed, libxml2 security, moderate vulnerability, libxml2 patch, security advisory. . Severity: moderate. LinuxSecurity.com Team
Security update. Publication date: 13 Jul 2026 URL: https://advisories.mageia.org/MGASA-2026-0248.html Type: security Affected Mageia releases: 10 CVE: CVE-2026-6732 Description: The updated packages fix a security vulnerability: Denial of service via crafted xsd-validated document. (CVE-2026-6732) References: - https://bugs.mageia.org/show_bug.cgi?id=35749 - https://ubuntu.com/security/notices/USN-8460-1 - https://gitlab.gnome.org/GNOME/libxml2/-/issues/1097 - https://www.cve.org/CVERecord?id=CVE-2026-6732 SRPMS: - 10/core/libxml2-2.15.1-3.1.mga10 . The Mageia 10 security update addresses a critical denial of service issue in libxml2, linked to CVE-2026-6732.. Mageia security updates, libxml2 vulnerabilities, CVE-2026-6732. . Severity: Critical. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.