ELS for OS
- CVEs
- Releases
- Projects
- Documentation
Live Patches
ELS for PHP
- CVEs
- Releases
- Projects
- Documentation
ELS for Python
- CVEs
- Releases
- Projects
- Documentation
ELS for Dotnet
- CVEs
- Releases
- Projects
- Documentation
ELS for Node.js
- CVEs
- Releases
- Projects
- Documentation

Release Info

Advisory: CLSA-2025:1752654590

OS: CentOS Stream 8 ELS

Public date: 2025-07-16 08:29:53

Project: libxml2

Version: 2.9.7-18.el8.tuxcare.els7

Errata link: https://errata.tuxcare.com/els_os/centos-stream8els/CLSA-2025-1752654590.html

Changelog

- CVE-2025-49794: fix use-after-free issue triggered by processing certain <sch:name path="..."/> elements in input XML file. - CVE-2025-49796: fix memory corruption issue triggered by processing certain sch:name elements from input XML file - CVE-2025-6021: fix integer overflow in buffer size calculations to prevent stack-based buffer overflow

Update

Update command: dnf update libxml2*

Packages list

libxml2-2.9.7-18.el8.tuxcare.els7.i686.rpm libxml2-2.9.7-18.el8.tuxcare.els7.x86_64.rpm libxml2-devel-2.9.7-18.el8.tuxcare.els7.i686.rpm libxml2-devel-2.9.7-18.el8.tuxcare.els7.x86_64.rpm libxml2-static-2.9.7-18.el8.tuxcare.els7.x86_64.rpm python3-libxml2-2.9.7-18.el8.tuxcare.els7.x86_64.rpm

CVEs

CVE-2025-49796

CVE-2025-49794

CVE-2025-6021