ELA-424-1 libxml2 security update

denial of service

2021-05-10
Packagelibxml2
Version2.9.1+dfsg1-5+deb8u10
Related CVEs CVE-2021-3517 CVE-2021-3518 CVE-2021-3537


Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files, which could cause denial of service via application crash when parsing specially crafted files.



For Debian 8 jessie, these problems have been fixed in version 2.9.1+dfsg1-5+deb8u10.

We recommend that you upgrade your libxml2 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.