CVE dashboard by TuxСare

Advisory: CLSA-2025:1746653948

OS: Ubuntu 20.04 ELS

Public date: 2025-05-07 21:39:10

Project: libxml2

Version: 2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els1

Errata link: https://errata.tuxcare.com/ubuntu20.04-els/CLSA-2025-1746653948.html

* SECURITY UPDATE: OOB access in python API - debian/patches/CVE-2025-32414-pre1.patch: fix SAX driver with character streams in python/drv_libxml2.py. - debian/patches/CVE-2025-32414-1.patch: read at most len/4 characters in python/libxml.c. - debian/patches/CVE-2025-32414-2.patch: add a test in python/tests/Makefile.am, python/tests/unicode.py. - CVE-2025-32414 * SECURITY UPDATE: heap under-read in xmlSchemaIDCFillNodeTables - debian/patches/CVE-2025-32415.patch: fix heap buffer overflow in xmlSchemaIDCFillNodeTables in xmlschemas.c. - CVE-2025-32415

Update command: apt-get update apt-get --only-upgrade install libxml2*

libxml2_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els1_amd64.deb libxml2-dev_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els1_amd64.deb libxml2-doc_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els1_all.deb libxml2-utils_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els1_amd64.deb python-libxml2_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els1_amd64.deb python3-libxml2_2.9.10+dfsg-5ubuntu0.20.04.10+tuxcare.els1_amd64.deb

Release Info

Changelog

Update

Packages list

CVEs