Release date:
2026-06-22 14:41:08 UTC
Description:
- CVE-2023-29469: guard xmlDictComputeFastKey against namelen <= 0 to prevent
out-of-bounds read when hashing zero-length or negative-length keys
- CVE-2023-45322: fix use-after-free in xmlNodeDumpOutputInternal triggered
by malformed XML when default error handler interacts with freed memory
- CVE-2024-34459: bound the backwards trim in xmlHTMLPrintFileContext so it
cannot overread the buffer when scanning for newline / carriage-return
- CVE-2025-9714: keep and restore XPath context depth across recursive
xmlXPathRunEval invocations (EXSLT dyn:map / dyn:evaluate) to avoid stack
overflow when the recursion limit was being reset prematurely
Updated packages:
-
libxml2-2.9.1-6.0.11.el7_9.6.tuxcare.els5.i686.rpm
sha:18e26c2e982c6d24abdd5093bf3a1bbb34b29dbe73f457ec3dc0a90ded98cfbb
-
libxml2-2.9.1-6.0.11.el7_9.6.tuxcare.els5.x86_64.rpm
sha:0bf12b6791db51f0c007f2a0cdc715f7a3b2251a4ad3f999cebccc661ed5fae1
-
libxml2-devel-2.9.1-6.0.11.el7_9.6.tuxcare.els5.i686.rpm
sha:8dead89b11c35a9ebf36e861a20396d957777aa23d581a0596f0df0b6fd92d74
-
libxml2-devel-2.9.1-6.0.11.el7_9.6.tuxcare.els5.x86_64.rpm
sha:6ac84fe2366d56a17359aa2343d234243293bb150410706a6548eec96e7d115c
-
libxml2-python-2.9.1-6.0.11.el7_9.6.tuxcare.els5.x86_64.rpm
sha:73247abed63c13e879d583ff454da337b675e4c246215891df272b7d90c93f2d
-
libxml2-static-2.9.1-6.0.11.el7_9.6.tuxcare.els5.i686.rpm
sha:7a824683043569038dc4cb54f897646e9c22cfb474f77a2cd78515116e14f601
-
libxml2-static-2.9.1-6.0.11.el7_9.6.tuxcare.els5.x86_64.rpm
sha:d3e771a41971d5642e26b557bf1964c57eb96e5b9b55ad30488de23539b092ce
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
