Overview

File _patchinfo of Package patchinfo.25883

<patchinfo incident="25883">
  <issue tracker="bnc" id="1201978">VUL-0: CVE-2016-3709: libxml2,libxml2-python,rubygem-nokogiri: Cross-site scripting vulnerability in libxml</issue>
  <issue tracker="bnc" id="1204367">VUL-0: CVE-2022-40304: libxml2: Fix dict corruption caused by entity reference cycles</issue>
  <issue tracker="bnc" id="1204366">VUL-0: CVE-2022-40303: libxml2: Fix integer overflows with XML_PARSE_HUGE</issue>
  <issue tracker="cve" id="2016-3709"/>
  <issue tracker="cve" id="2022-40303"/>
  <issue tracker="cve" id="2022-40304"/>
  <packager>pmonrealgonzalez</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for libxml2</summary>
  <description>This update for libxml2 fixes the following issues:

  - CVE-2016-3709: Fixed possible XSS vulnerability (bsc#1201978).    
  - CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE (bsc#1204366).    
  - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles (bsc#1204367).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places