SUSE-SU-2024:0613-2

UNKNOWN

Security update for libxml2

Published Jun 7, 2024

Modified 1 years ago

Fix available

Details

This update for libxml2 fixes the following issues:

CVE-2024-25062: Fixed use-after-free in XMLReader (bsc#1219576).

Affected Packages

libxml2

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise Micro 5.3SUSE Linux Enterprise Micro 5.4SUSE Linux Enterprise Server 15 SP4-LTSS

Fixed in:

2.9.14-150400.5.28.1

libxml2-2

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise Micro 5.3SUSE Linux Enterprise Micro 5.4SUSE Linux Enterprise Server 15 SP4-LTSS

Fixed in:

2.9.14-150400.5.28.1

libxml2-2-32bit

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise Server 15 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP4SUSE Manager Proxy 4.3

Fixed in:

2.9.14-150400.5.28.1

libxml2-devel

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise Server 15 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP4SUSE Manager Proxy 4.3

Fixed in:

2.9.14-150400.5.28.1

libxml2-python

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise Micro 5.3SUSE Linux Enterprise Micro 5.4SUSE Linux Enterprise Server 15 SP4-LTSS

Fixed in:

2.9.14-150400.5.28.1

libxml2-tools

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise Micro 5.3SUSE Linux Enterprise Micro 5.4SUSE Linux Enterprise Server 15 SP4-LTSS

Fixed in:

2.9.14-150400.5.28.1

python3-libxml2

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise Micro 5.3SUSE Linux Enterprise Micro 5.4SUSE Linux Enterprise Server 15 SP4-LTSS

Fixed in:

2.9.14-150400.5.28.1

python311-libxml2

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise Server 15 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP4

Fixed in:

2.9.14-150400.5.28.1

References

https://bugzilla.suse.com/1219576

https://www.suse.com/security/cve/CVE-2024-25062

https://www.suse.com/support/update/announcement/2024/suse-su-20240613-2/

Upstream

Related

Ecosystems(10)

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Server 15 SP4-LTSS

Timeline

PublishedJun 7, 2024

ModifiedJun 7, 2024

SUSE-SU-2024:0613-2 | Mondoo Vulnerability Intelligence