Oval Definition:oval:org.opensuse.security:def:56218
Revision Date:2020-12-01Version:1
Title:Security update for libxml2 (Moderate)
Description:



This update for libxml2 fixes the following issues:

CVE-2016-4658: use-after-free error could lead to crash [bsc#1005544] * Fix NULL dereference in xpointer.c when in recovery mode [bsc#1014873] * CVE-2016-9597: An XML document with many opening tags could have caused a overflow of the stack not detected by the recursion limits, allowing for DoS (bsc#1017497).

For CVE-2016-9318 we decided not to ship a fix since it can break existing setups. Please take appropriate actions if you parse untrusted XML files and use the new -noxxe flag if possible (bnc#1010675, bnc#1013930).
Family:unixClass:patch
Status:Reference(s):1005544
1007280
1010161
1010163
1010675
1011103
1011107
1013930
1014873
1017497
1018128
1030263
1032114
1032120
1036453
1037559
1059777
1061076
1061077
1061080
1061081
1061082
1061084
1061086
1061087
1118319
1118320
1171252
1171254
914890
930077
930078
958324
974449
974840
984813
984815
987351
CVE-2009-0163
CVE-2009-2820
CVE-2009-3553
CVE-2010-0393
CVE-2010-0540
CVE-2010-0542
CVE-2010-1748
CVE-2010-2941
CVE-2012-2417
CVE-2012-2669
CVE-2012-5519
CVE-2012-5532
CVE-2012-6094
CVE-2013-1445
CVE-2013-1982
CVE-2013-2003
CVE-2013-2063
CVE-2014-2653
CVE-2014-2856
CVE-2014-3537
CVE-2014-5029
CVE-2014-5030
CVE-2014-5031
CVE-2014-8127
CVE-2014-9679
CVE-2015-1158
CVE-2015-1159
CVE-2015-4141
CVE-2015-4142
CVE-2015-5352
CVE-2015-5600
CVE-2015-6563
CVE-2015-6564
CVE-2015-8045
CVE-2015-8047
CVE-2015-8048
CVE-2015-8049
CVE-2015-8050
CVE-2015-8055
CVE-2015-8056
CVE-2015-8057
CVE-2015-8058
CVE-2015-8059
CVE-2015-8060
CVE-2015-8061
CVE-2015-8062
CVE-2015-8063
CVE-2015-8064
CVE-2015-8065
CVE-2015-8066
CVE-2015-8067
CVE-2015-8068
CVE-2015-8069
CVE-2015-8070
CVE-2015-8071
CVE-2015-8401
CVE-2015-8402
CVE-2015-8403
CVE-2015-8404
CVE-2015-8405
CVE-2015-8406
CVE-2015-8407
CVE-2015-8408
CVE-2015-8409
CVE-2015-8410
CVE-2015-8411
CVE-2015-8412
CVE-2015-8413
CVE-2015-8414
CVE-2015-8415
CVE-2015-8416
CVE-2015-8417
CVE-2015-8418
CVE-2015-8419
CVE-2015-8420
CVE-2015-8421
CVE-2015-8422
CVE-2015-8423
CVE-2015-8424
CVE-2015-8425
CVE-2015-8426
CVE-2015-8427
CVE-2015-8428
CVE-2015-8429
CVE-2015-8430
CVE-2015-8431
CVE-2015-8432
CVE-2015-8433
CVE-2015-8434
CVE-2015-8435
CVE-2015-8436
CVE-2015-8437
CVE-2015-8438
CVE-2015-8439
CVE-2015-8440
CVE-2015-8441
CVE-2015-8442
CVE-2015-8443
CVE-2015-8444
CVE-2015-8445
CVE-2015-8446
CVE-2015-8447
CVE-2015-8448
CVE-2015-8449
CVE-2015-8450
CVE-2015-8451
CVE-2015-8452
CVE-2015-8453
CVE-2015-8454
CVE-2015-8455
CVE-2016-10220
CVE-2016-3622
CVE-2016-3658
CVE-2016-4658
CVE-2016-5321
CVE-2016-5323
CVE-2016-5652
CVE-2016-5875
CVE-2016-9273
CVE-2016-9297
CVE-2016-9318
CVE-2016-9448
CVE-2016-9453
CVE-2016-9597
CVE-2016-9601
CVE-2017-15588
CVE-2017-15589
CVE-2017-15590
CVE-2017-15591
CVE-2017-15592
CVE-2017-15593
CVE-2017-15594
CVE-2017-15595
CVE-2017-5526
CVE-2017-5951
CVE-2017-7207
CVE-2017-8291
CVE-2017-8779
CVE-2018-9568
CVE-2020-12653
CVE-2020-12654
SUSE-SU-2015:2221-1
SUSE-SU-2015:2236-1
SUSE-SU-2016:3301-1
SUSE-SU-2017:0380-1
SUSE-SU-2017:1138-1
SUSE-SU-2017:1306-1
SUSE-SU-2017:2873-1
SUSE-SU-2020:1475-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • coreutils-8.29-lp150.2 is installed
  • OR coreutils-lang-8.29-lp150.2 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • tomcat-9.0.21-lp151.3.3 is installed
  • OR tomcat-admin-webapps-9.0.21-lp151.3.3 is installed
  • OR tomcat-docs-webapp-9.0.21-lp151.3.3 is installed
  • OR tomcat-el-3_0-api-9.0.21-lp151.3.3 is installed
  • OR tomcat-embed-9.0.21-lp151.3.3 is installed
  • OR tomcat-javadoc-9.0.21-lp151.3.3 is installed
  • OR tomcat-jsp-2_3-api-9.0.21-lp151.3.3 is installed
  • OR tomcat-jsvc-9.0.21-lp151.3.3 is installed
  • OR tomcat-lib-9.0.21-lp151.3.3 is installed
  • OR tomcat-servlet-4_0-api-9.0.21-lp151.3.3 is installed
  • OR tomcat-webapps-9.0.21-lp151.3.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • flash-player-11.2.202.554-0.29 is installed
  • OR flash-player-gnome-11.2.202.554-0.29 is installed
  • OR flash-player-kde4-11.2.202.554-0.29 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libxml2-2.9.4-33 is installed
  • OR libxml2-2-2.9.4-33 is installed
  • OR libxml2-2-32bit-2.9.4-33 is installed
  • OR libxml2-tools-2.9.4-33 is installed
  • OR python-libxml2-2.9.4-33 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • cups-1.7.5-9 is installed
  • OR cups-client-1.7.5-9 is installed
  • OR cups-libs-1.7.5-9 is installed
  • OR cups-libs-32bit-1.7.5-9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • xen-4.5.5_18-22.31 is installed
  • OR xen-doc-html-4.5.5_18-22.31 is installed
  • OR xen-kmp-default-4.5.5_18_k3.12.74_60.64.60-22.31 is installed
  • OR xen-libs-4.5.5_18-22.31 is installed
  • OR xen-libs-32bit-4.5.5_18-22.31 is installed
  • OR xen-tools-4.5.5_18-22.31 is installed
  • OR xen-tools-domU-4.5.5_18-22.31 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND hyper-v-7-13 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • qemu-2.6.2-41.46 is installed
  • OR qemu-block-curl-2.6.2-41.46 is installed
  • OR qemu-block-rbd-2.6.2-41.46 is installed
  • OR qemu-block-ssh-2.6.2-41.46 is installed
  • OR qemu-guest-agent-2.6.2-41.46 is installed
  • OR qemu-ipxe-1.0.0-41.46 is installed
  • OR qemu-kvm-2.6.2-41.46 is installed
  • OR qemu-lang-2.6.2-41.46 is installed
  • OR qemu-seabios-1.9.1-41.46 is installed
  • OR qemu-sgabios-8-41.46 is installed
  • OR qemu-tools-2.6.2-41.46 is installed
  • OR qemu-vgabios-1.9.1-41.46 is installed
  • OR qemu-x86-2.6.2-41.46 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-60.3.0-109.50 is installed
  • OR MozillaFirefox-devel-60.3.0-109.50 is installed
  • OR MozillaFirefox-translations-common-60.3.0-109.50 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_29-default-11-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_10-11-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • libpolkit0-0.113-5.6 is installed
  • OR polkit-0.113-5.6 is installed
  • OR typelib-1_0-Polkit-1_0-0.113-5.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libecpg6-10.6-1.6 is installed
  • OR libpq5-10.6-1.6 is installed
  • OR libpq5-32bit-10.6-1.6 is installed
  • OR postgresql10-10.6-1.6 is installed
  • OR postgresql10-contrib-10.6-1.6 is installed
  • OR postgresql10-docs-10.6-1.6 is installed
  • OR postgresql10-libs-10.6-1.6 is installed
  • OR postgresql10-server-10.6-1.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND libvpx1-1.3.0-3.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND python-pycrypto-2.6.1-2 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • storm-1.0.5-5 is installed
  • OR storm-nimbus-1.0.5-5 is installed
  • OR storm-supervisor-1.0.5-5 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • git-2.26.2-27.36 is installed
  • OR git-core-2.26.2-27.36 is installed
  • BACK