This update brings libxml2 to version 2.9.4.
These security issues were fixed:
- CVE-2016-3627: The xmlStringGetNodeList function in tree.c, when used in
recovery mode, allowed context-dependent attackers to cause a denial of
service (infinite recursion, stack consumption, and application crash)
via a crafted XML document (bsc#972335).
- CVE-2016-1833: libxml2 allowed remote attackers to execute arbitrary
code or cause a denial of service (memory corruption) via a crafted XML
document, a different vulnerability than CVE-2016-1834, CVE-2016-1836,
CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, and CVE-2016-1840
(bsc#981108).
- CVE-2016-1835: libxml2 allowed remote attackers to execute arbitrary
code or cause a denial of service (memory corruption) via a crafted XML
document (bsc#981109).
- CVE-2016-1837: libxml2 allowed remote attackers to execute arbitrary
code or cause a denial of service (memory corruption) via a crafted XML
document, a different vulnerability than CVE-2016-1833, CVE-2016-1834,
CVE-2016-1836, CVE-2016-1838, CVE-2016-1839, and CVE-2016-1840
(bsc#981111).
- CVE-2016-1836: libxml2 allowed remote attackers to execute arbitrary
code or cause a denial of service (memory corruption) via a crafted XML
document, a different vulnerability than CVE-2016-1833, CVE-2016-1834,
CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, and CVE-2016-1840
(bsc#981110).
- CVE-2016-1839: libxml2 allowed remote attackers to execute arbitrary
code or cause a denial of service (memory corruption) via a crafted XML
document, a different vulnerability than CVE-2016-1833, CVE-2016-1834,
CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, and CVE-2016-1840
(bsc#981114).
- CVE-2016-1838: libxml2 allowed remote attackers to execute arbitrary
code or cause a denial of service (memory corruption) via a crafted XML
document, a different vulnerability than CVE-2016-1833, CVE-2016-1834,
CVE-2016-1836, CVE-2016-1837, CVE-2016-1839, and CVE-2016-1840
(bsc#981112).
- CVE-2016-1840: libxml2 allowed remote attackers to execute arbitrary
code or cause a denial of service (memory corruption) via a crafted XML
document, a different vulnerability than CVE-2016-1833, CVE-2016-1834,
CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, and CVE-2016-1839
(bsc#981115).
- CVE-2016-4483: Out-of-bounds read when parsing an XML document in recover
mode (bnc#978395).
- CVE-2016-1834: libxml2 allowed remote attackers to execute arbitrary
code or cause a denial of service (memory corruption) via a crafted XML
document, a different vulnerability than CVE-2016-1833, CVE-2016-1836,
CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, and CVE-2016-1840
(bsc#981041).
- CVE-2016-3705: The (1) xmlParserEntityCheck and (2)
xmlParseAttValueComplex functions in parser.c in libxml2 did not
properly keep track of the recursion depth, which allowed
context-dependent attackers to cause a denial of service (stack
consumption and application crash) via a crafted XML document containing
a large number of nested entity references (bsc#975947).
- CVE-2016-1762: libxml2 allowed remote attackers to execute arbitrary
code or cause a denial of service (memory corruption) via a crafted XML
document (bsc#981040).
This non-security issue was fixed:
- bnc#983288: Fix attribute decoding during XML schema validation
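
A defence-in-depth pre-filter for the nested entity references described under CVE-2016-3705, given here as an added example that is not part of the original advisory or of libxml2. It measures how deeply general entities declared in the internal subset reference one another and rejects documents above a limit; `MAX_DEPTH`, the function names and the sample document are assumptions constructed for illustration. It does not replace installing the update.

```python
import re

# General entity declarations with a quoted literal value, e.g.
# <!ENTITY a "text &b;">. Parameter entities (<!ENTITY % ...>) and external
# entities (SYSTEM/PUBLIC) are not matched and therefore not measured.
ENTITY_DECL = re.compile(r"""<!ENTITY\s+([^\s%"'>]+)\s+(?:"([^"]*)"|'([^']*)')\s*>""")
ENTITY_REF = re.compile(r"&([^\s#;&]+);")  # skips character references (&#60;)

MAX_DEPTH = 8  # assumed policy limit, not a libxml2 constant

# Constructed sample: c references b, b references a (nesting depth 3).
SAMPLE = """<!DOCTYPE r [
  <!ENTITY a "x">
  <!ENTITY b "&a;&a;">
  <!ENTITY c "&b;">
]>
<r>&c;</r>"""


def entity_nesting_depth(xml_text):
    """Return the longest entity-in-entity chain, or -1 if entities form a cycle."""
    refs = {}
    for m in ENTITY_DECL.finditer(xml_text):
        value = m.group(2) if m.group(2) is not None else m.group(3)
        refs.setdefault(m.group(1), ENTITY_REF.findall(value))  # first declaration binds
    depth = {}
    for root in refs:
        if root in depth:
            continue
        # Iterative depth-first walk, so the check itself cannot exhaust the stack.
        stack, on_path = [(root, iter(refs[root]))], {root}
        while stack:
            name, children = stack[-1]
            for child in children:
                if child in on_path:
                    return -1  # self-referencing entity chain
                if child in refs and child not in depth:
                    stack.append((child, iter(refs[child])))
                    on_path.add(child)
                    break
            else:  # every referenced entity is resolved
                depth[name] = 1 + max((depth.get(c, 0) for c in refs[name]), default=0)
                on_path.discard(name)
                stack.pop()
    return max(depth.values(), default=0)


def allow_document(xml_text, limit=MAX_DEPTH):
    """True if the document may be handed to the parser under the assumed limit."""
    return 0 <= entity_nesting_depth(xml_text) <= limit
```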