Release date:
2026-06-29 10:41:06 UTC
Description:
- CVE-2023-29469: guard xmlDictComputeFastKey against namelen <= 0 to prevent
out-of-bounds read when hashing zero-length or negative-length keys
- CVE-2023-45322: fix use-after-free in xmlNodeDumpOutputInternal triggered
by malformed XML when default error handler interacts with freed memory
- CVE-2024-34459: bound the backwards trim in xmlHTMLPrintFileContext so it
cannot overread the buffer when scanning for newline / carriage-return
- CVE-2025-9714: keep and restore XPath context depth across recursive
xmlXPathRunEval invocations (EXSLT dyn:map / dyn:evaluate) to avoid stack
overflow when the recursion limit was being reset prematurely
Updated packages:
-
libxml2-2.9.1-6.0.11.el7_9.6.tuxcare.els5.i686.rpm
sha:5e7cded3b1376fac01f7e7a1c61bdf71d8e68bc4c564c588f5d2627b65b7e296
-
libxml2-2.9.1-6.0.11.el7_9.6.tuxcare.els5.x86_64.rpm
sha:e3ce1d171c78f775d443c7b51b3bc62aa65da84cbcfe9c72171814939a7b5d38
-
libxml2-devel-2.9.1-6.0.11.el7_9.6.tuxcare.els5.i686.rpm
sha:87802afdcdc6c02e268f634aba04448a5ffa32855eb1cd42aaadcfae59da646b
-
libxml2-devel-2.9.1-6.0.11.el7_9.6.tuxcare.els5.x86_64.rpm
sha:5526b36d2533d16e2bb49c7600aabe3ecfb1568793d25539b302f5468fd0386e
-
libxml2-python-2.9.1-6.0.11.el7_9.6.tuxcare.els5.x86_64.rpm
sha:416488ee8961ff0ff5fe3cb42074d3246f23d4f3acd105f60c08e1e225b330bc
-
libxml2-static-2.9.1-6.0.11.el7_9.6.tuxcare.els5.i686.rpm
sha:24546b801855d9042da3d96772690ec7e412e453ed39ccc1455d4334b51a30ce
-
libxml2-static-2.9.1-6.0.11.el7_9.6.tuxcare.els5.x86_64.rpm
sha:5fb4ab06a6a9c5aa464afef89cf68ae4341c5aa659de4a26ccec835ba2742847
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
