SUSE-SU-2023:3698-1

UNKNOWN

Security update for libxml2

Published Sep 20, 2023

Modified 2 years ago

Fix available

Details

This update for libxml2 fixes the following issues:

CVE-2023-39615: Fixed crafted xml can cause global buffer overflow (bsc#1214768).

Affected Packages

libxml2

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

Fixed in:

2.9.7-150000.3.60.1

libxml2-2

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

Fixed in:

2.9.7-150000.3.60.1

libxml2-2-32bit

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

Fixed in:

2.9.7-150000.3.60.1

libxml2-devel

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

Fixed in:

2.9.7-150000.3.60.1

libxml2-tools

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

Fixed in:

2.9.7-150000.3.60.1

python-libxml2-python

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

Fixed in:

2.9.7-150000.3.60.1

python2-libxml2-python

SUSE Enterprise Storage 7SUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise Server 15 SP1-LTSSSUSE Linux Enterprise Server 15 SP2-LTSS

Fixed in:

2.9.7-150000.3.60.1

python3-libxml2-python

SUSE Enterprise Storage 7SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

Fixed in:

2.9.7-150000.3.60.1

References

https://bugzilla.suse.com/1214768

https://www.suse.com/security/cve/CVE-2023-39615

https://www.suse.com/support/update/announcement/2023/suse-su-20233698-1/

Upstream

Related

Ecosystems(18)

SUSE Enterprise Storage 7 SUSE Enterprise Storage 7.1 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

Timeline

PublishedSep 20, 2023

ModifiedSep 20, 2023

SUSE-SU-2023:3698-1 | Mondoo Vulnerability Intelligence