Уязвимость CVE-2021-3537: Информация
Описание
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.
Важность: MEDIUM (5,9) Вектор: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Исправленные пакеты
Имя пакета | Ветка | Исправлено в версии | Версия в репозитории | Errata ID | № Задания | Состояние |
---|---|---|---|---|---|---|
gem-nokogiri | sisyphus | 1.12.4-alt1 | 1.16.2-alt1 | ALT-PU-2021-2997-1 | 252865 | Исправлено |
gem-nokogiri | sisyphus_e2k | 1.16.2-alt1 | 1.16.2-alt1 | ALT-PU-2024-6690-1 | - | Исправлено |
gem-nokogiri | p10 | 1.13.8-alt1.1 | 1.13.8-alt1.1 | ALT-PU-2023-4266-4 | 307833 | Исправлено |
gem-nokogiri | p10_e2k | 1.13.8-alt1.1 | 1.13.8-alt1.1 | ALT-PU-2024-7099-1 | - | Исправлено |
libxml2 | sisyphus | 2.9.12-alt1 | 2.12.5-alt1 | ALT-PU-2021-2057-1 | 275606 | Исправлено |
libxml2 | p10 | 2.9.12-alt1 | 2.9.12-alt1.p10.1 | ALT-PU-2021-2057-1 | 275606 | Исправлено |
libxml2 | c10f1 | 2.9.12-alt1 | 2.9.12-alt1.p10.1 | ALT-PU-2021-2057-1 | 275606 | Исправлено |
libxml2 | c9f2 | 2.9.12-alt1 | 2.9.12-alt1.c9f2.1 | ALT-PU-2021-3332-1 | 287715 | Исправлено |
Ссылки на рекомендации, решения и инструменты
Ссылка | Ресурс |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1956522 |
|
[debian-lts-announce] 20210510 [SECURITY] [DLA 2653-1] libxml2 security update |
|
https://security.netapp.com/advisory/ntap-20210625-0002/ |
|
GLSA-202107-05 |
|
https://www.oracle.com/security-alerts/cpuoct2021.html |
|
https://www.oracle.com/security-alerts/cpuapr2022.html |
|
N/A |
|
FEDORA-2021-e3ed1ba38b | |
FEDORA-2021-b950000d2b |