SUSE-SU-2016:0187-1

UNKNOWN

Security update for libxml2

Published Jan 21, 2016

Modified 10 years ago

Fix available

Details

This update for libxml2 fixes the following security issue:

CVE-2015-8710: Parsing short unclosed HTML comment could cause uninitialized memory access, which allowed remote attackers to read contents from previous HTTP requests depending on the application (bsc#960674)

Affected Packages

libxml2

SUSE Linux Enterprise Desktop 11 SP3SUSE Linux Enterprise Desktop 11 SP4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4

Fixed in:

2.7.6-0.37.1

libxml2-32bit

SUSE Linux Enterprise Desktop 11 SP3SUSE Linux Enterprise Desktop 11 SP4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4

Fixed in:

2.7.6-0.37.1

libxml2-python

SUSE Linux Enterprise Desktop 11 SP3SUSE Linux Enterprise Desktop 11 SP4SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4

Fixed in:

2.7.6-0.37.4

libxml2-doc

SUSE Linux Enterprise Server 11 SP3SUSE Linux Enterprise Server 11 SP3-TERADATASUSE Linux Enterprise Server 11 SP4SUSE Linux Enterprise Server for SAP Applications 11 SP3SUSE Linux Enterprise Server for SAP Applications 11 SP4

Fixed in:

2.7.6-0.37.1

libxml2-x86

Fixed in:

2.7.6-0.37.1

libxml2-devel

SUSE Linux Enterprise Software Development Kit 11 SP3SUSE Linux Enterprise Software Development Kit 11 SP4

Fixed in:

2.7.6-0.37.1

libxml2-devel-32bit

SUSE Linux Enterprise Software Development Kit 11 SP3SUSE Linux Enterprise Software Development Kit 11 SP4

Fixed in: