{"id":"MGASA-2018-0048","summary":"Updated libxml2 & perl-XML-LibXML packages fix security vulnerabilities","details":"Use-after-free error could lead to crash (CVE-2016-4658).\n\nUse-after-free vulnerability in libxml2 through 2.9.4 allows remote\nattackers to cause a denial of service or possibly have unspecified\nother impact via vectors related to the XPointer range-to function\n(CVE-2016-5131).\n\nlibxml2 2.9.4 and earlier does not offer a flag directly indicating that\nthe current document may be read but other files may not be opened,\nwhich makes it easier for remote attackers to conduct XML External\nEntity (XXE) attacks via a crafted document (CVE-2016-9318).\n\nHeap buffer overflow in xmlAddID (CVE-2017-0663).\n\nInteger overflow in memory debug code in libxml2 before 2.9.5\n(CVE-2017-5130).\n\nNULL pointer deref in xmlDumpElementContent (CVE-2017-5969).\n\nPrevent unwanted external entity reference (CVE-2017-7375).\n\nIncrease buffer space for port in HTTP redirect support (CVE-2017-7376).\n\nThe function xmlSnprintfElementContent in valid.c was vulnerable to a\nstack buffer overflow (CVE-2017-9047, CVE-2017-9048).\n\nThe function xmlDictComputeFastKey in dict.c was vulnerable to a\nheap-based buffer over-read (CVE-2017-9049).\n\nThe function xmlDictAddString was vulnerable to a heap-based buffer\nover-read (CVE-2017-9050).\n\nIt was discovered that libxml2 incorrecty handled certain files. An\nattacker could use this issue with specially constructed XML data to\ncause libxml2 to consume resources, leading to a denial of service\n(CVE-2017-15412).\n\nWei Lei discovered that libxml2 incorrecty handled certain parameter\nentities. An attacker could use this issue with specially constructed\nXML data to cause libxml2 to consume resources, leading to a denial of\nservice (CVE-2017-16932).\n\nThe libxml2 package has been updated to version 2.9.7 to fix these\nissues and several other bugs.\n","modified":"2026-02-02T06:21:17.381151Z","published":"2018-01-03T15:50:51Z","related":["CVE-2016-4658","CVE-2016-5131","CVE-2016-9318","CVE-2017-0663","CVE-2017-15412","CVE-2017-16932","CVE-2017-5130","CVE-2017-5969","CVE-2017-7375","CVE-2017-7376","CVE-2017-9047","CVE-2017-9048","CVE-2017-9049","CVE-2017-9050"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0048.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=19695"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html"},{"type":"REPORT","url":"https://lists.opensuse.org/opensuse-updates/2017-02/msg00055.html"},{"type":"REPORT","url":"https://lists.opensuse.org/opensuse-updates/2017-06/msg00022.html"},{"type":"REPORT","url":"https://lists.opensuse.org/opensuse-updates/2017-07/msg00000.html"},{"type":"REPORT","url":"https://lists.opensuse.org/opensuse-updates/2017-07/msg00040.html"},{"type":"REPORT","url":"https://usn.ubuntu.com/usn/usn-3513-1/"},{"type":"REPORT","url":"https://usn.ubuntu.com/usn/usn-3504-1/"}],"affected":[{"package":{"name":"libxml2","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/libxml2?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.7-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0048.json"}},{"package":{"name":"perl-XML-LibXML","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/perl-XML-LibXML?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.12.100-1.2.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0048.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}