SUSE-SU-2017:1366-1
Advisory lineage Upstream: 3 Downstream: 0
Published: 22 May 2017, 08:37
Last modified:04 Feb 2026, 02:47
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
22 May 2017, 08:37
Published
Vulnerability first disclosed
04 Feb 2026, 02:47
Last Modified
Vulnerability information updated
Description
Security update for libxml2 This update for libxml2 fixes the following issues: * Fix NULL dereference in xpointer.c when in recovery mode [bsc#1014873] * CVE-2016-9597: An XML document with many opening tags could have caused a overflow of the stack not detected by the recursion limits, allowing for DoS (bsc#1017497) * CVE-2014-0191: External parameter entity loaded when entity substitution is disabled could cause a DoS. (bsc#876652) * CVE-2016-9318: XML External Entity (XXE) could be abused via crafted document. (bsc#1010675)
Affected Systems
- suse•libxml2&distro=SUSE Linux Enterprise Desktop 12 SP1
< 2.9.1-26.12.1
- suse•libxml2&distro=SUSE Linux Enterprise Server 12 SP1
< 2.9.1-26.12.1
- suse•libxml2&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1
< 2.9.1-26.12.1
- suse•libxml2&distro=SUSE Linux Enterprise Software Development Kit 12 SP1
< 2.9.1-26.12.1
- suse•python-libxml2&distro=SUSE Linux Enterprise Desktop 12 SP1
< 2.9.1-26.12.1
- suse•python-libxml2&distro=SUSE Linux Enterprise Server 12 SP1
< 2.9.1-26.12.1
- suse•python-libxml2&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP1
< 2.9.1-26.12.1
References (9)
- https://www.suse.com/support/update/announcement/2017/suse-su-20171366-1/
- https://bugzilla.suse.com/1010675
- https://bugzilla.suse.com/1013930
- https://bugzilla.suse.com/1014873
- https://bugzilla.suse.com/1017497
- https://bugzilla.suse.com/876652
- https://www.suse.com/security/cve/CVE-2014-0191
- https://www.suse.com/security/cve/CVE-2016-9318
- https://www.suse.com/security/cve/CVE-2016-9597