Advisory: CLSA-2025:1748282288
OS: Ubuntu 16.04 ELS
Public date: 2025-05-26 17:58:10
Project: libxml2
Version: 2.9.3+dfsg1-1ubuntu0.7+tuxcare.els9
Errata link: https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2025-1748282288.html
* SECURITY UPDATE: Out-of-bounds memory access in Python API bindings - debian/patches/CVE-2025-32414.patch: Limit character reads and reserve buffer space for UTF-8 encoding to prevent overflow - CVE-2025-32414 * SECURITY UPDATE: Heap buffer under-read in XML schema validation - debian/patches/CVE-2025-32415.patch: Fix heap buffer overflow in xmlSchemaIDCFillNodeTables - CVE-2025-32415
Update command: apt-get update apt-get --only-upgrade install libxml2*
libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els9_amd64.deb libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els9_amd64.deb libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els9_all.deb libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els9_amd64.deb python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els9_amd64.deb