libxml2 (SL7)

By Scientific Linux Team on October 20, 2020

Synopsis: Moderate: libxml2 security and bug fix update
Advisory ID: SLSA-2020:3996-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2020-7595
CVE-2019-20388
CVE-2019-19956

Security Fix(es):

* libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c
(CVE-2019-19956)

* libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388)

* libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file
situations (CVE-2020-7595)

SL7
x86_64
libxml2-2.9.1-6.el7.5.i686.rpm
libxml2-devel-2.9.1-6.el7.5.i686.rpm
libxml2-python-2.9.1-6.el7.5.x86_64.rpm
libxml2-devel-2.9.1-6.el7.5.x86_64.rpm
libxml2-2.9.1-6.el7.5.x86_64.rpm
libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm
libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm
libxml2-static-2.9.1-6.el7.5.i686.rpm
libxml2-static-2.9.1-6.el7.5.x86_64.rpm

– Scientific Linux Development Team