libxml2-static-2.7.6-21.el6_8.1.i686
[552 KiB] |
Changelog
by Daniel Veillard (2016-06-07):
- Heap-based buffer overread in xmlNextChar (CVE-2016-1762)
- Bug 763071: Heap-buffer-overflow in xmlStrncat <https://bugzilla.gnome.org/show_bug.cgi?id=763071> (CVE-2016-1834)
- Bug 757711: Heap-buffer-overflow in xmlFAParsePosCharGroup <https://bugzilla.gnome.org/show_bug.cgi?id=757711> (CVE-2016-1840)
- Bug 758588: Heap-based buffer overread in xmlParserPrintFileContextInternal <https://bugzilla.gnome.org/show_bug.cgi?id=758588> (CVE-2016-1838)
- Bug 758605: Heap-based buffer overread in xmlDictAddString <https://bugzilla.gnome.org/show_bug.cgi?id=758605> (CVE-2016-1839)
- Bug 759398: Heap use-after-free in xmlDictComputeFastKey <https://bugzilla.gnome.org/show_bug.cgi?id=759398> (CVE-2016-1836)
- Fix inappropriate fetch of entities content (CVE-2016-4449)
- Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral (CVE-2016-1837)
- Heap use-after-free in xmlSAX2AttributeNs (CVE-2016-1835)
- Heap-based buffer-underreads due to xmlParseName (CVE-2016-4447)
- Heap-based buffer overread in htmlCurrentChar (CVE-2016-1833)
- Add missing increments of recursion depth counter to XML parser. (CVE-2016-3705)
- Avoid building recursive entities (CVE-2016-3627)
- Fix some format string warnings with possible format string vulnerability (CVE-2016-4448)
- More format string warnings with possible format string vulnerability (CVE-2016-4448)
|
libxml2-static-2.7.6-20.el6_7.1.i686
[550 KiB] |
Changelog
by Daniel Veillard (2015-11-30):
- Fix a series of CVEs (rhbz#1286495)
- CVE-2015-7941 Cleanup conditional section error handling
- CVE-2015-8317 Fail parsing early on if encoding conversion failed
- CVE-2015-7942 Another variation of overflow in Conditional sections
- CVE-2015-7942 Fix an error in previous Conditional section patch
- Fix parsing short unclosed comment uninitialized access
- CVE-2015-7498 Avoid processing entities after encoding conversion failures
- CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey
- CVE-2015-5312 Another entity expansion issue
- CVE-2015-7499 Add xmlHaltParser() to stop the parser
- CVE-2015-7499 Detect incoherency on GROW
- CVE-2015-7500 Fix memory access error due to incorrect entities boundaries
- CVE-2015-8242 Buffer overead with HTML parser in push mode
- Libxml violates the zlib interface and crashes
|
libxml2-static-2.7.6-20.el6.i686
[548 KiB] |
Changelog
by Daniel Veillard (2015-05-06):
- CVE-2015-1819 Enforce the reader to run in constant memory(rhbz#1214163)
|
libxml2-static-2.7.6-17.el6_6.1.i686
[548 KiB] |
Changelog
by Daniel Veillard (2014-10-11):
- CVE-2014-3660 denial of service via recursive entity expansion (rhbz#1149085)
|
libxml2-static-2.7.6-14.el6_5.2.i686
[547 KiB] |
Changelog
by Daniel Veillard (2014-06-11):
- Fix a set of regressions introduced in CVE-2014-0191 (rhbz#1108161)
|
libxml2-static-2.7.6-14.el6_5.1.i686
[547 KiB] |
Changelog
by Daniel Veillard (2014-05-06):
- Improve handling of xmlStopParser(CVE-2013-2877)
- Do not fetch external parameter entities (CVE-2014-0191)
|
libxml2-static-2.7.6-12.el6_4.1.i686
[547 KiB] |
Changelog
by Daniel Veillard (2013-02-19):
-detect and stop excessive entities expansion upon replacement (rhbz#912574)
|
libxml2-static-2.7.6-8.el6_3.4.i686
[547 KiB] |
Changelog
by Daniel Veillard (2012-11-29):
- fix out of range heap access (CVE-2012-5134)
|
libxml2-static-2.7.6-8.el6_3.3.i686
[546 KiB] |
Changelog
by Daniel Veillard (2012-09-05):
- Change the XPath code to percolate allocation error (CVE-2011-1944)
|
libxml2-static-2.7.6-4.el6_2.4.i686
[543 KiB] |
Changelog
by Daniel Veillard (2012-02-15):
- remove chunk in patch related to configure.in as it breaks rebuild
- Resolves: rhbz#788845
|
libxml2-static-2.7.6-4.el6_2.1.i686
[543 KiB] |
Changelog
by Daniel Veillard (2012-01-06):
- Make sure the parser returns when getting a Stop order CVE-2011-3905
- Fix an allocation error when copying entities CVE-2011-3919
- Resolves: rhbz#771913
|