1. Home
  2. Security Advisories
  3. Slackware Linux
  4. SSA:2024-206-02

[SSA:2024-206-02] libxml2

Affected Packages 4
CVEs 1
Info Packages Vulnerabilities

New libxml2 packages are available for Slackware XXX 15.0 and -current to
fix a security issue.

Here are the details from the Slackware 15.0 ChangeLog

patches/packages/libxml2-2.11.9-i586-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Fix XXE protection in downstream code.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-40896
(* Security fix *)

Where to find the new packages

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/libxml2-2.11.9-i586-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/libxml2-2.11.9-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libxml2-2.13.3-i686-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libxml2-2.13.3-x86_64-1.txz

MD5 signatures

Slackware 15.0 package:
a52692a6f8bd22e350cd31258287dee0 libxml2-2.11.9-i586-1_slack15.0.txz

Slackware x86_64 15.0 package:
a585d867386e1ae2c77a136d2162ca09 libxml2-2.11.9-x86_64-1_slack15.0.txz

Slackware -current package:
9a5aca640e5a4ed4fbb807e1a1749993 l/libxml2-2.13.3-i686-1.txz

Slackware x86_64 -current package:
314261f48d01111c5c3651e326685462 l/libxml2-2.13.3-x86_64-1.txz

Installation instructions

Upgrade the package as root:
# upgradepkg libxml2-2.11.9-i586-1_slack15.0.txz

Package Affected Version
pkg:slackbuild/slackware/libxml2?arch=x86_64&distro=slackware64-current < 2.13.3
pkg:slackbuild/slackware/libxml2?arch=x86_64&distro=slackware64-15.0 < 2.11.9
pkg:slackbuild/slackware/libxml2?arch=i686&distro=slackware-current < 2.13.3
pkg:slackbuild/slackware/libxml2?arch=i586&distro=slackware-15.0 < 2.11.9
ID
SSA:2024-206-02
URL
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2024&m=slackware-security.341361
Published
2024-07-25T02:46:47
(6 weeks ago)
Modified
2024-07-25T02:46:47
(6 weeks ago)
Rights
Slackware Linux Security Team
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:slackbuild/slackware/libxml2?arch=x86_64&distro=slackware64-current slackware libxml2 < 2.13.3 slackware64-current x86_64
Affected pkg:slackbuild/slackware/libxml2?arch=x86_64&distro=slackware64-15.0 slackware libxml2 < 2.11.9 slackware64-15.0 x86_64
Affected pkg:slackbuild/slackware/libxml2?arch=i686&distro=slackware-current slackware libxml2 < 2.13.3 slackware-current i686
Affected pkg:slackbuild/slackware/libxml2?arch=i586&distro=slackware-15.0 slackware libxml2 < 2.11.9 slackware-15.0 i586
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date