Overview

File _patchinfo of Package patchinfo.30541

<patchinfo incident="30541">
  <issue tracker="cve" id="2023-28484"/>
  <issue tracker="cve" id="2023-29469"/>
  <issue tracker="cve" id="2023-39615"/>
  <issue tracker="cve" id="2016-3709"/>
  <issue tracker="bnc" id="1210412">VUL-0: CVE-2023-29469: libxml2,python-libxml2: Hashing of empty dict strings isn't deterministic</issue>
  <issue tracker="bnc" id="1210411">VUL-0: CVE-2023-28484: libxml2,python-libxml2: NULL dereference in xmlSchemaFixupComplexType</issue>
  <issue tracker="bnc" id="1214768">VUL-0: CVE-2023-39615: libxml2,python-libxml2: crafted xml can cause global buffer overflow</issue>
  <issue tracker="bnc" id="1201978">VUL-0: CVE-2016-3709: libxml2,libxml2-python,rubygem-nokogiri: Cross-site scripting vulnerability in libxml</issue>
  <packager>david.anes</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for libxml2</summary>
  <description>This update for libxml2 fixes the following issues:

- CVE-2023-29469: Fixed not deterministic hashing of empty dict strings (bsc#1210412).
- CVE-2023-28484: Fixed NULL dereference in xmlSchemaFixupComplexType (bsc#1210411).
- CVE-2023-39615: Fixed crafted xml can cause global buffer overflow (bsc#1214768).
- CVE-2016-3709: Fixed cross-site scripting vulnerability in libxml (bsc#1201978).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places