[Oraclevm-errata] OVMSA-2015-0097 Oracle VM 3.3 libxml2 security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Thu Jul 30 20:31:15 PDT 2015
Oracle VM Security Advisory OVMSA-2015-0097
The following updated rpms for Oracle VM 3.3 have been uploaded to the
Unbreakable Linux Network:
x86_64:
libxml2-2.7.6-20.0.1.el6.x86_64.rpm
libxml2-python-2.7.6-20.0.1.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.3/SRPMS-updates/libxml2-2.7.6-20.0.1.el6.src.rpm
Description of changes:
[2.7.6-20.0.1.el6]
- Update doc/redhat.gif in tarball
- Add libxml2-oracle-enterprise.patch and update logos in tarball
[libxml2-2.7.6-20.el6]
- CVE-2015-1819 Enforce the reader to run in constant memory(rhbz#1214163)
[libxml2-2.7.6-19.el6]
- Stop parsing on entities boundaries errors
- Fix missing entities after CVE-2014-3660 fix (rhbz#1149086)
[libxml2-2.7.6-18.el6]
- CVE-2014-3660 denial of service via recursive entity expansion
(rhbz#1149086)
- Fix html serialization error and htmlSetMetaEncoding (rhbz#1004513)
More information about the Oraclevm-errata
mailing list