Release Info

Advisory: CLSA-2025:1753729667

OS: Ubuntu 16.04 ELS

Public date: 2025-07-28 19:07:37

Project: libxml2

Version: 2.9.3+dfsg1-1ubuntu0.7+tuxcare.els10

Errata link: https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2025-1753729667.html

Changelog

* SECURITY UPDATE: memory vulnerabilities in schematron - debian/patches/CVE-2025-49794_CVE-2025-49796.patch: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements and memory corruption issue triggered by processing sch:name elements in input XML file - CVE-2025-49794 - CVE-2025-49796

Update

Update command: apt-get update apt-get --only-upgrade install libxml2*

Packages list

libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els10_amd64.deb libxml2-dev_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els10_amd64.deb libxml2-doc_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els10_all.deb libxml2-utils_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els10_amd64.deb python-libxml2_2.9.3+dfsg1-1ubuntu0.7+tuxcare.els10_amd64.deb

CVEs

CVE-2025-49796
CVE-2025-49794