New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update: libxml2 #1118

Closed

dongsupark opened this issue Jul 17, 2023 · 1 comment

Labels

advisory security

Member

dongsupark commented Jul 17, 2023

Name: libxml2
CVEs: no CVE, libxml2-20230428
CVSSs: n/a
Action Needed: update to >= libxml2 2.11.1

Summary:

Fix use-after-free in xmlParseContentInternal() (David Kilzer)
xmllint: Fix use-after-free with --maxmem
parser: Fix OOB read when formatting error message
entities: Rework entity amplification checks

refmap.gentoo: https://bugs.gentoo.org/905399

dongsupark added security advisory labels

sayanchowdhury mentioned this issue

Weekly portage-stable package updates 2023-07-17 flatcar/scripts#987

Merged

2 tasks

Member Author

dongsupark commented Aug 7, 2023

PR flatcar/scripts#987 was merged. libxml2 2.11.4 will be included in the next Alpha.

dongsupark closed this as completed

github-actions bot mentioned this issue

Monthly contributions report 2023-07-22 - 2023-08-21 #1246

Closed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment