|
|
Subscribe / Log in / New account

Debian alert DLA-2653-1 (libxml2)



From:
              Emilio Pozuelo Monfort <pochu@debian.org>


To:
              <debian-lts-announce@lists.debian.org>


Subject:
              [SECURITY] [DLA 2653-1] libxml2 security update


Date:
              Mon, 10 May 2021 14:31:54 +0200


Message-ID:
              <20210510123154.1EB552A441C@andromeda>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2653-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/               Emilio Pozuelo Monfort
May 10, 2021                                  https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : libxml2
Version        : 2.9.4+dfsg1-2.2+deb9u4
CVE ID         : CVE-2021-3516 CVE-2021-3517 CVE-2021-3518 CVE-2021-3537

Several vulnerabilities were discovered in libxml2, a library providing
support to read, modify and write XML and HTML files, which could cause
denial of service via application crash when parsing specially crafted
files.

For Debian 9 stretch, these problems have been fixed in version
2.9.4+dfsg1-2.2+deb9u4.

We recommend that you upgrade your libxml2 packages.

For the detailed security status of libxml2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libxml2

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmCZJ7kACgkQnUbEiOQ2
gwJi2xAAiGJrSLld80e48zeaii7cVSUEVL/722Efyf4SJ3xUyoVPa4AVhUQJhDQr
kVl3VPQtnZXjNEmwhT+fq3s/oqbul6Kl7M8YGeMVgk+pDk9QJhhXkY8XdhXadl78
yHpVj0BOEMJAc+OaM8azyGV+dOH0GCOj0dJHHViaW5ahGAEcLWD24yP7mTCHpH6r
uqqneiWcWg176bLFVl32dIcnBwe7ej/st1SwQv1yvAGRTB6unOzgUe5CevFP/N+J
ne12m1AiYb9TnYbyOWTvwt8GWeh7JRfjGoYWVCNhNMLbjVtOUTOIMLhJ1GouLL/2
frgPN9KbzCCRLSPGKKOpgsNMm7jAh1r46kt1oZ5bJsp7cz33LHXef0V6GK9+1AsR
VSQhX1RAVWZBnuaWgK2PmgFKFoDKbiW+xEmCIC6FK/IgzPrcJDDrXHDqPTCNNpZs
e6aa/Qz9tCnEjWmGyITUs1yBBzWRKmqi84Wwk275NnfDVT1EShXXJzQYjf7pekgS
k5fsly3JYTgFUV90QBM/5bbdHTGUEyKpehxa8lp5n7546ktrDz8q+Mi+LGgrvBWh
wH4cyOV8Fz/kp+GTd5q7NBpFk17cYHeVMZYOiFOZW15qTvzbA4DSdoZWIEImhxGK
d+BVwmoxRuf+boydkeb9RFSUHA4niDsvi7ZDGkfPpZE6SOZalDw=
=yPqJ
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds