AVG-56 log
| Package | libxml2 |
| Status | Fixed |
| Severity | Critical |
| Type | arbitrary code execution |
| Affected | 2.9.4+4+g3169602-1 |
| Fixed | 2.9.4+12+ge905f08-1 |
| Current | 2.12.6-2 [core] |
| Ticket | None |
| Created | Tue Nov 1 11:04:57 2016 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2016-5131 | Critical | Yes | Arbitrary code execution | Bugs in xmlXPathEvalExpr and xmlXPtrRangeToFunction can lead to a use- after-free and allow control of the instruction pointer. |
| CVE-2016-4658 | Critical | Yes | Arbitrary code execution | A use-after-free vulnerability via namespace nodes in XPointer ranges was found in libxml2. |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 01 Nov 2016 | ASA-201611-2 | libxml2 | arbitrary code execution |