Ops One AG

You can subscribe via RSS

Monday 15th January 2018

Managed Server Version 5: libxml2 update, scheduled 2 years ago

Package: libxml2
CVE ID: CVE-2017-15412
Debian Bug: 883790

libxml2 2.9.1+dfsg1-5+deb8u5 was updated to version 2.9.1+dfsg1-5+deb8u6.

Nick Wellnhofer discovered that certain function calls inside XPath
predicates can lead to use-after-free and double-free errors when
executed by libxml2's XPath engine via an XSLT transformation.