Release date:
2026-06-29 10:51:43 UTC
Description:
- CVE-2023-29469: guard xmlDictComputeFastKey against namelen <= 0 to prevent
out-of-bounds read when hashing zero-length or negative-length keys
- CVE-2023-45322: fix use-after-free in xmlNodeDumpOutputInternal triggered
by malformed XML when default error handler interacts with freed memory
- CVE-2024-34459: bound the backwards trim in xmlHTMLPrintFileContext so it
cannot overread the buffer when scanning for newline / carriage-return
- CVE-2025-9714: keep and restore XPath context depth across recursive
xmlXPathRunEval invocations (EXSLT dyn:map / dyn:evaluate) to avoid stack
overflow when the recursion limit was being reset prematurely
Updated packages:
-
libxml2-2.9.1-6.0.11.el7_9.6.tuxcare.els5.i686.rpm
sha:ebd3cc8ef86992455da35dab560d2be722f32c84c367b532b74a248f8476e05f
-
libxml2-2.9.1-6.0.11.el7_9.6.tuxcare.els5.x86_64.rpm
sha:dfca955f7eeb5d9482727771ebaaf9dbf6b9fcb3a4e4b8b02b0e2c3cd2a1f404
-
libxml2-devel-2.9.1-6.0.11.el7_9.6.tuxcare.els5.i686.rpm
sha:4118f00dd15d163b172ca6c94f33427ac6152ada16e9096bd808156456f14c4c
-
libxml2-devel-2.9.1-6.0.11.el7_9.6.tuxcare.els5.x86_64.rpm
sha:16af94f0925ddd3ccd93aed3d3726fa0a2d5dbfba8e0bc03ed2eaeec695b9c20
-
libxml2-python-2.9.1-6.0.11.el7_9.6.tuxcare.els5.x86_64.rpm
sha:f3fb6f3d0370f936042e93aebee734199e06e4ffc258871f3f634af0ea9519e1
-
libxml2-static-2.9.1-6.0.11.el7_9.6.tuxcare.els5.i686.rpm
sha:36c2d63f2b1922816e5e3015c9d54244300e30a27af8ec99750af95c08db5d28
-
libxml2-static-2.9.1-6.0.11.el7_9.6.tuxcare.els5.x86_64.rpm
sha:e6d5616dd4f16f850cf0b2374be733f71987b253f1ccdb314ff7a86931f0f090
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
