libxml2

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description XML parsing library, version 2
Version 2.9.7+4+g72182550-2 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-56 2.9.4+4+g3169602-1 2.9.4+12+ge905f08-1 Critical Fixed
Issue Group Severity Remote Type Description
CVE-2016-5131 AVG-56 Critical Yes Arbitrary code execution
Bugs in xmlXPathEvalExpr and xmlXPtrRangeToFunction can lead to a use- after-free and allow control of the instruction pointer.
CVE-2016-4658 AVG-56 Critical Yes Arbitrary code execution
A use-after-free vulnerability via namespace nodes in XPointer ranges was found in libxml2.

Advisories

Date Advisory Group Severity Description
01 Nov 2016 ASA-201611-2 AVG-56 Critical arbitrary code execution