This update for libxml2 fixes the following security issues:
- CVE-2018-9251: The xz_decomp function allowed remote attackers to cause
a denial of service (infinite loop) via a crafted XML file that triggers
LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279)
- CVE-2018-14567: Prevent denial of service (infinite loop) via a crafted
XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint
(bsc#1105166)
- CVE-2018-14404: Prevent NULL pointer dereference in the
xmlXPathCompOpEval() function when parsing an invalid XPath expression
in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service
attack (bsc#1102046)
This update was imported from the SUSE:SLE-15:Update update project.