Test Kennung:	1.3.6.1.4.1.25623.1.0.883387
Kategorie:	CentOS Local Security Checks
Titel:	CentOS: Security Advisory for libxml2 (CESA-2020:3996)
Zusammenfassung:	The remote host is missing an update for the 'libxml2'; package(s) announced via the CESA-2020:3996 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'libxml2' package(s) announced via the CESA-2020:3996 advisory. Vulnerability Insight: The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): * libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c (CVE-2019-19956) * libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c (CVE-2019-20388) * libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations (CVE-2020-7595) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. Affected Software/OS: 'libxml2' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-19956 https://security.netapp.com/advisory/ntap-20200114-0002/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/ https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549 https://www.oracle.com/security-alerts/cpujul2020.html https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html SuSE Security Announcement: openSUSE-SU-2020:0681 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html SuSE Security Announcement: openSUSE-SU-2020:0781 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html https://usn.ubuntu.com/4274-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-20388 https://security.netapp.com/advisory/ntap-20200702-0005/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/ https://security.gentoo.org/glsa/202010-04 https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/security-alerts/cpuoct2021.html Common Vulnerability Exposure (CVE) ID: CVE-2020-7595 https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08 https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076
Copyright	Copyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.