Security update for libxml2
This update for libxml2 fixes the following issues:
- CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel (bsc#1185698)
- CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess (bsc#1185408).
- CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal (bsc#1185410).
- CVE-2021-3516: Fixed a use after free in entities.c:xmlEncodeEntitiesInternal (bsc#1185409).
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Pedro Monreal Gonzalez (pmonrealgonzalez)
Fixed bugs
bnc#1185698
VUL-0: CVE-2021-3537: libxml2: python-libxml2-python: python-libxml2: libxml2-python: NULL pointer dereference in valid.c in xmlValidBuildAContentModel
bnc#1185410
VUL-0: CVE-2021-3517: libxml2: heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c
bnc#1185408
VUL-0: CVE-2021-3518: libxml2: use-after-free in xmlXIncludeDoProcess() in xinclude.c
bnc#1185409
VUL-0: CVE-2021-3516: libxml2: use-after-free in xmlEncodeEntitiesInternal() in entities.c
