Debian 10261 Published by

A libxml2 security update has been released for Debian GNU/Linux 8 Extended LTS to address out-of-bounds writes.



ELA-617-1 libxml2 security update

Package libxml2
Version 2.9.1+dfsg1-5+deb8u13
Related CVEs CVE-2022-29824

Felix Wilhelm discovered that libxml2, the GNOME XML library, did not correctly check for integer overflows or used wrong types for buffer sizes. This could result in out-of-bounds writes or other memory errors when working on large, multi-gigabyte buffers.

For Debian 8 jessie, these problems have been fixed in version 2.9.1+dfsg1-5+deb8u13.

We recommend that you upgrade your libxml2 packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-617-1 libxml2 security update