[El-errata] ELSA-2026-22420 Moderate: Oracle Linux 7 libxml2 security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Jun 30 12:36:45 UTC 2026


Oracle Linux Security Advisory ELSA-2026-22420

http://linux.oracle.com/errata/ELSA-2026-22420.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
libxml2-2.9.1-6.0.13.el7_9.6.i686.rpm
libxml2-2.9.1-6.0.13.el7_9.6.x86_64.rpm
libxml2-devel-2.9.1-6.0.13.el7_9.6.i686.rpm
libxml2-devel-2.9.1-6.0.13.el7_9.6.x86_64.rpm
libxml2-python-2.9.1-6.0.13.el7_9.6.x86_64.rpm
libxml2-static-2.9.1-6.0.13.el7_9.6.i686.rpm
libxml2-static-2.9.1-6.0.13.el7_9.6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libxml2-2.9.1-6.0.13.el7_9.6.src.rpm

Related CVEs:

CVE-2025-9714




Description of changes:

[2.9.1-6.0.13.6]
- Backport fix for CVE-2025-9714 [Orabug: 39476695]

[2.9.1-6.0.11.6]
- Fix CVE-2025-32415: Fix heap buffer overflow [Orabug: 38310750]

[2.9.1-6.0.9.6]
- Fix CVE-2025-7425: heap-use-after-free in xmlFreeID [Orabug: 38290330]

[2.9.1-6.0.7.6]
- Fix CVE-2025-6021, CVE-2025-32414, CVE-2025-49794, CVE-2025-49796
- [Orabug: 38255814]

[2.9.1-6.0.5]
- Fix CVE-2024-56171  [Orabug: 37694105]
- Fix CVE-2025-24928  [Orabug: 37694105]




More information about the El-errata mailing list