Debian Security Advisory

DLA-373-1 libxml2 -- LTS security update

Date Reported:
26 Dec 2015
Affected Packages:
libxml2
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500.
More information:

Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or crash the application.