Ubuntu Security Notice 6028-2 - USN-6028-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 23.04. It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash.
e936bfd38b8205cb07c32f3057dc5f6150b5dd58c2eeaad2df97c67b652a1946
==========================================================================
Ubuntu Security Notice USN-6028-2
June 07, 2023
libxml2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.04
Summary:
Several security issues were fixed in libxml2.
Software Description:
- libxml2: GNOME XML library
Details:
USN-6028-1 fixed vulnerabilities in libxml2. This update provides the
corresponding updates for Ubuntu 23.04.
Original advisory details:
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to cause a crash.
(CVE-2022-2309)
It was discovered that lixml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. (CVE-2023-28484)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to cause a crash.
(CVE-2023-29469)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 23.04:
libxml2 2.9.14+dfsg-1.1ubuntu0.1
libxml2-utils 2.9.14+dfsg-1.1ubuntu0.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6028-2
https://ubuntu.com/security/notices/USN-6028-1
CVE-2022-2309, CVE-2023-28484, CVE-2023-29469
Package Information:
https://launchpad.net/ubuntu/+source/libxml2/2.9.14+dfsg-1.1ubuntu0.1