openSUSE Build Service

Security update for libxml2

This update for libxml2 fixes the following security issues:

- CVE-2018-9251: The xz_decomp function allowed remote attackers to cause a
denial of service (infinite loop) via a crafted XML file that triggers
LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279).
- CVE-2018-14567: Prevent denial of service (infinite loop) via a crafted XML
file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint
(bsc#1105166).
- CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval()
function when parsing an invalid XPath expression in the XPATH_OP_AND or
XPATH_OP_OR case leading to a denial of service attack (bsc#1102046).
- CVE-2017-18258: The xz_head function allowed remote attackers to cause a
denial of service (memory consumption) via a crafted LZMA file, because the
decoder functionality did not restrict memory usage to what is required for a
legitimate file (bsc#1088601).

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Submitted by Pedro Monreal Gonzalez (pmonrealgonzalez)

Fixed bugs

bnc#1088601

VUL-1: CVE-2017-18258: libxml2: The xz_head function in xzlib.c in libxml2 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file

bnc#1088279

VUL-1: CVE-2018-9251: libxml2: The xz_decomp function in xzlib.c allows remote attackers to cause a denial of service (infinite loop) via acrafted XML file that triggers LZMA_MEMLIMIT_ERROR

bnc#1102046

VUL-1: CVE-2018-14404 libxml2: NULL pointer dereference in xpath.c:xmlXPathCompOpEval() can allow attackers to cause a denial of service

bnc#1105166

VUL-0: CVE-2018-14567: libxml2: infinite loop in LZMA decompression

Places

Fixed bugs

Selected Binaries

Places