Ubuntu Security Notice 5760-2 - USN-5760-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information or cause a crash.
4cd4094bfdb08455d198fe423faea041a834392f3e88a524fb4a2552a495968b==========================================================================
Ubuntu Security Notice USN-5760-2
December 05, 2022
libxml2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in libxml2.
Software Description:
- libxml2: GNOME XML library
Details:
USN-5760-1 fixed vulnerabilities in libxml2. This update provides the
corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash. (CVE-2022-40303)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2022-40304)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
libxml2 2.9.3+dfsg1-1ubuntu0.7+esm4
libxml2-utils 2.9.3+dfsg1-1ubuntu0.7+esm4
Ubuntu 14.04 ESM:
libxml2 2.9.1+dfsg1-3ubuntu4.13+esm4
libxml2-utils 2.9.1+dfsg1-3ubuntu4.13+esm4
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5760-2
https://ubuntu.com/security/notices/USN-5760-1
CVE-2022-40303, CVE-2022-40304
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed