File _patchinfo of Package patchinfo.13657
<patchinfo incident="13657"> <issue tracker="bnc" id="1159928">VUL-1: CVE-2019-19956: libxml2: xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.</issue> <issue tracker="bnc" id="1161517">VUL-1: CVE-2020-7595: libxml2: xmlStringLenDecodeEntities in parser.c has an infinite loop in a certain end-of-file situation</issue> <issue tracker="bnc" id="1161521">VUL-1: CVE-2019-20388: libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c</issue> <issue tracker="bnc" id="1172021">Recent update of libxml2-2 generates invalid xmlns reference</issue> <issue tracker="bnc" id="1176179">VUL-1: CVE-2020-24977: libxml2: global Buffer Overflow vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c</issue> <issue tracker="cve" id="2019-20388"/> <issue tracker="cve" id="2019-19956"/> <issue tracker="cve" id="2020-7595"/> <issue tracker="cve" id="2020-24977"/> <packager>pmonrealgonzalez</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for libxml2</summary> <description>This update for libxml2 fixes the following issues: - CVE-2019-20388: Fixed a memory leak in xmlSchemaPreRun (bsc#1161521). - CVE-2020-7595: Fixed an infinite loop in an EOF situation (bsc#1161517). - CVE-2020-24977: Fixed a global-buffer-overflow in xmlEncodeEntitiesInternal (bsc#1176179). - Fixed invalid xmlns references due to CVE-2019-19956 (bsc#1172021). </description> </patchinfo>
