Bugzilla – Bug 981549
VUL-0: CVE-2016-4448: libxml2: Format string vulnerability
Last modified: 2016-08-17 15:16:54 UTC
rh#1338700 A vulnerability was found in the libxml2 library. There exist a possible format string vulnerability. https://bugzilla.gnome.org/show_bug.cgi?id=761029 Upstream fixes: https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9 https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b References: https://bugzilla.redhat.com/show_bug.cgi?id=1338700 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4448 http://seclists.org/oss-sec/2016/q2/403
bugbot adjusting priority
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2016-06-17. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/62795
SUSE-SU-2016:1538-1: An update that fixes 15 vulnerabilities is now available. Category: security (important) Bug References: 963963,965283,978395,981040,981041,981108,981109,981111,981112,981114,981115,981548,981549,981550 CVE References: CVE-2015-8806,CVE-2016-1762,CVE-2016-1833,CVE-2016-1834,CVE-2016-1835,CVE-2016-1837,CVE-2016-1838,CVE-2016-1839,CVE-2016-1840,CVE-2016-2073,CVE-2016-3705,CVE-2016-4447,CVE-2016-4448,CVE-2016-4449,CVE-2016-4483 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP1 (src): libxml2-2.9.1-24.1 SUSE Linux Enterprise Software Development Kit 12 (src): libxml2-2.9.1-24.1 SUSE Linux Enterprise Server 12-SP1 (src): libxml2-2.9.1-24.1, python-libxml2-2.9.1-24.1 SUSE Linux Enterprise Server 12 (src): libxml2-2.9.1-24.1, python-libxml2-2.9.1-24.1 SUSE Linux Enterprise Desktop 12-SP1 (src): libxml2-2.9.1-24.1, python-libxml2-2.9.1-24.1 SUSE Linux Enterprise Desktop 12 (src): libxml2-2.9.1-24.1, python-libxml2-2.9.1-24.1
openSUSE-SU-2016:1595-1: An update that fixes 15 vulnerabilities is now available. Category: security (important) Bug References: 963963,965283,978395,981040,981041,981108,981109,981111,981112,981114,981115,981548,981549,981550 CVE References: CVE-2015-8806,CVE-2016-1762,CVE-2016-1833,CVE-2016-1834,CVE-2016-1835,CVE-2016-1837,CVE-2016-1838,CVE-2016-1839,CVE-2016-1840,CVE-2016-2073,CVE-2016-3705,CVE-2016-4447,CVE-2016-4448,CVE-2016-4449,CVE-2016-4483 Sources used: openSUSE Leap 42.1 (src): libxml2-2.9.1-19.1, python-libxml2-2.9.1-19.1
SUSE-SU-2016:1604-1: An update that fixes 15 vulnerabilities is now available. Category: security (important) Bug References: 963963,965283,978395,981040,981041,981108,981109,981111,981112,981114,981115,981548,981549,981550 CVE References: CVE-2015-8806,CVE-2016-1762,CVE-2016-1833,CVE-2016-1834,CVE-2016-1835,CVE-2016-1837,CVE-2016-1838,CVE-2016-1839,CVE-2016-1840,CVE-2016-2073,CVE-2016-3705,CVE-2016-4447,CVE-2016-4448,CVE-2016-4449,CVE-2016-4483 Sources used: SUSE OpenStack Cloud 5 (src): libxml2-2.7.6-0.44.1, libxml2-python-2.7.6-0.44.4 SUSE Manager Proxy 2.1 (src): libxml2-2.7.6-0.44.1, libxml2-python-2.7.6-0.44.4 SUSE Manager 2.1 (src): libxml2-2.7.6-0.44.1, libxml2-python-2.7.6-0.44.4 SUSE Linux Enterprise Software Development Kit 11-SP4 (src): libxml2-2.7.6-0.44.1 SUSE Linux Enterprise Server 11-SP4 (src): libxml2-2.7.6-0.44.1, libxml2-python-2.7.6-0.44.4 SUSE Linux Enterprise Server 11-SP3-LTSS (src): libxml2-2.7.6-0.44.1, libxml2-python-2.7.6-0.44.4 SUSE Linux Enterprise Server 11-SP2-LTSS (src): libxml2-2.7.6-0.44.1, libxml2-python-2.7.6-0.44.4 SUSE Linux Enterprise Debuginfo 11-SP4 (src): libxml2-2.7.6-0.44.1, libxml2-python-2.7.6-0.44.4 SUSE Linux Enterprise Debuginfo 11-SP3 (src): libxml2-2.7.6-0.44.1, libxml2-python-2.7.6-0.44.4 SUSE Linux Enterprise Debuginfo 11-SP2 (src): libxml2-2.7.6-0.44.1, libxml2-python-2.7.6-0.44.4
all released