SUSE-SU-2017:1538-1

Description

Security update for libxml2 This update for libxml2 fixes the following security issues: * CVE-2017-9050: A heap-based buffer over-read in xmlDictAddString (bsc#1039069, bsc#1039661) * CVE-2017-9049: A heap-based buffer overflow in xmlDictComputeFastKey (bsc#1039066) * CVE-2017-9048: A stack overflow vulnerability in xmlSnprintfElementContent (bsc#1039063) * CVE-2017-9047: A stack overflow vulnerability in xmlSnprintfElementContent (bsc#1039064)

Affected Systems

• suse•libxml2&distro=SUSE Linux Enterprise Desktop 12 SP2

  < 2.9.4-39.2

• suse•libxml2&distro=SUSE Linux Enterprise Server 12 SP2

  < 2.9.4-39.2

• suse•libxml2&distro=SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

  < 2.9.4-39.2

• suse•libxml2&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2

  < 2.9.4-39.2

• suse•libxml2&distro=SUSE Linux Enterprise Software Development Kit 12 SP2

  < 2.9.4-39.2

• suse•python-libxml2&distro=SUSE Linux Enterprise Desktop 12 SP2

  < 2.9.4-39.2

• suse•python-libxml2&distro=SUSE Linux Enterprise Server 12 SP2

  < 2.9.4-39.2

• suse•python-libxml2&distro=SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

  < 2.9.4-39.2

• suse•python-libxml2&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2

  < 2.9.4-39.2

References (10)

• https://www.suse.com/support/update/announcement/2017/suse-su-20171538-1/
• https://bugzilla.suse.com/1039063
• https://bugzilla.suse.com/1039064
• https://bugzilla.suse.com/1039066
• https://bugzilla.suse.com/1039069
• https://bugzilla.suse.com/1039661
• https://www.suse.com/security/cve/CVE-2017-9047
• https://www.suse.com/security/cve/CVE-2017-9048
• https://www.suse.com/security/cve/CVE-2017-9049
• https://www.suse.com/security/cve/CVE-2017-9050