[Apollo] Advisories Statistics light light Login

RLSA-2023:4529

Security Mirrored from RHSA-2023:4529
Issued at: 2023-10-06
Updated at: 2023-10-06

Synopsis

Moderate: libxml2 security update



Description

The libxml2 library is a development toolbox providing the implementation of various XML standards.

Security Fix(es):

* libxml2: NULL dereference in xmlSchemaFixupComplexType (CVE-2023-28484)

* libxml2: Hashing of empty dict strings isn't deterministic (CVE-2023-29469)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2185984 2185994

CVEs

CVE-2023-28484 CVE-2023-29469

Affected packages

Rocky Linux 8 aarch64 - BaseOS

libxml2-0:2.9.7-16.el8_8.1.aarch64.rpm libxml2-0:2.9.7-16.el8_8.1.src.rpm libxml2-debuginfo-0:2.9.7-16.el8_8.1.aarch64.rpm libxml2-debugsource-0:2.9.7-16.el8_8.1.aarch64.rpm python3-libxml2-0:2.9.7-16.el8_8.1.aarch64.rpm python3-libxml2-debuginfo-0:2.9.7-16.el8_8.1.aarch64.rpm

Rocky Linux 8 aarch64 - AppStream

libxml2-devel-0:2.9.7-16.el8_8.1.aarch64.rpm

Rocky Linux 8 x86_64 - BaseOS

libxml2-0:2.9.7-16.el8_8.1.i686.rpm libxml2-0:2.9.7-16.el8_8.1.src.rpm libxml2-0:2.9.7-16.el8_8.1.x86_64.rpm libxml2-debuginfo-0:2.9.7-16.el8_8.1.i686.rpm libxml2-debuginfo-0:2.9.7-16.el8_8.1.x86_64.rpm libxml2-debugsource-0:2.9.7-16.el8_8.1.i686.rpm libxml2-debugsource-0:2.9.7-16.el8_8.1.x86_64.rpm python3-libxml2-0:2.9.7-16.el8_8.1.x86_64.rpm python3-libxml2-debuginfo-0:2.9.7-16.el8_8.1.x86_64.rpm

Rocky Linux 8 x86_64 - AppStream

libxml2-devel-0:2.9.7-16.el8_8.1.i686.rpm libxml2-devel-0:2.9.7-16.el8_8.1.x86_64.rpm