[SECURITY] [DLA 3878-1] libxml2 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3878-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
September 05, 2024 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : libxml2
Version : 2.9.10+dfsg-6.7+deb11u5
CVE ID : CVE-2016-3709 CVE-2022-2309
Debian Bug : 1039991
Two vulnerabilities have been fixed in the XML library libxml2.
CVE-2016-3709
HTML 4 parser cross-site scripting
CVE-2022-2309
Parser NULL pointer dereference
For Debian 11 bullseye, these problems have been fixed in version
2.9.10+dfsg-6.7+deb11u5.
We recommend that you upgrade your libxml2 packages.
For the detailed security status of libxml2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libxml2
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmbZyrMACgkQiNJCh6LY
mLExlw/9ET3e2RwMvBHUHMuw0Kbdv70bBltXbWIdHT16Ygig2k3zQmRqQ6nUnUDa
p1c0A8iFblVIIrRmB02dy5CVUcuNR3UKUeRLcbz0gPfOhid3apqWD7JaG4OKPI2/
ThqH9g1XrMaJD8UzPJ7PSTPTesq+mXiesEghlpUN8QoF3+59gvO6Ef1rEMuH0uNj
ZfOn9rdrdDl7BuNqSWuam6Zm6JQ9RrPdGoaloEaO+Sy4gcnmQDOxQ9liMJJxrOwG
p53TOUzfUev/8cQtylgOGNuBTPn+SCgfRkf+xwjeLSQmkaNb/NqKSL0EAgApmerU
AfQridlRfrn9auvUyMs8YA4aVJTRnPYD5jolEZ59KS6yPBMtpK6y1zPHEIrg+/OB
B9I0Mp63GDKSrYJHfsZ91G89LE1i1lLX/vN+UvsIBd18b01dbTn2FpR8/K/t5kM8
F8vZeLPdavc18I3yHTQXitErk6kVQcg658Tgj5xdObAl9Up1dYVQiFokORfk51Cy
cchj+1ausds9AiPRwLuEvjWAgNFgnzfkuvaPUQLAc/r/Yw+BAmdSIgEd0TprXE2r
fXE8UFJowv6bqr1T9bxYAFjqjSYr+MWkldDAMRoUMsvKWQymnXtMphU+j5NHOL1k
Y6SHWOYW4ERgRFjkvRP/PhUOJ8acLtnwgTxRLbJuJBh18CBnTlw=
=R3QP
-----END PGP SIGNATURE-----
Reply to: