Security update for libxml2
- update to 2.9.3
* full changelog: http://www.xmlsoft.org/news.html
* fixed CVEs: CVE-2015-8242, CVE-2015-7500, CVE-2015-7499,
CVE-2015-5312, CVE-2015-7497, CVE-2015-7498,
CVE-2015-8035, CVE-2015-7942, CVE-2015-1819,
CVE-2015-7941, CVE-2014-3660, CVE-2014-0191,
CVE-2015-8241, CVE-2015-8317
* fixed bugs: [bsc#928193], [bsc#951734], [bsc#951735],
[bsc#954429], [bsc#956018], [bsc#956021],
[bsc#956260], [bsc#957105], [bsc#957106],
[bsc#957107], [bsc#957109], [bsc#957110]
-
Submitted by
Kristyna Streitova (kstreitova)
Fixed bugs
bnc#951735
Heap-buffer-overflow in xmlParseConditionalSections
bnc#951734
Crafted xml causes out of bound memory access
bnc#957105
Another entity expansion issue
bnc#957106
Heap buffer overflow in xmlDictComputeFastQKey
bnc#957107
Processes entities after encoding conversion failures
bnc#957109
Add xmlHaltParser() to stop the parser / Detect incoherency on GROW
bnc#956260
Several out of bounds reads
bnc#954429
DoS when parsing specially crafted XML document if XZ support is enabled
bnc#957110
Fix memory access error due to incorrect entities boundaries
bnc#928193
Denial of service processing a crafted XML document
bnc#956018
Buffer overread with XML parser in xmlNextChar
bnc#956021
Buffer overread with HTML parser in push mode in xmlSAX2TextNode
