USN-3739-1: libxml2 vulnerabilities

14 August 2018

Several security issues were fixed in libxml2.

Releases

Packages

Details

Matias Brutti discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2016-9318)

It was discovered that libxml2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 18.04 LTS. (CVE-2017-16932)

It was discovered that libxml2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2017-18258, CVE-2018-14404, CVE-2018-14567)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04
Ubuntu 16.04
Ubuntu 14.04

In general, a standard system update will make all the necessary changes.

Related notices

  • USN-3504-1: libxml2-utils, python-libxml2, libxml2, libxml2-doc, libxml2-dev, libxml2-udeb, python3-libxml2
  • USN-3504-2: libxml2, libxml2-utils, python-libxml2
  • USN-3739-2: libxml2, libxml2-utils, python-libxml2