MGASA-2023-0298

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2023-0298.html

Import Source

https://advisories.mageia.org/MGASA-2023-0298.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2023-0298

Related

CVE-2023-45322

Published

2023-10-22T21:04:51Z

Modified

2023-10-22T19:47:36Z

Summary

Updated libxml2 packages fix a security vulnerability

Details

libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. (CVE-2023-45322)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9 / libxml2

Package

Name: libxml2
Purl: pkg:rpm/mageia/libxml2?distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.10.4-1.2.mga9

Ecosystem specific

{
    "section": "core"
}

Mageia:8 / libxml2

Package

Name: libxml2
Purl: pkg:rpm/mageia/libxml2?distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.9.10-7.9.mga8

Ecosystem specific

{
    "section": "core"
}