| Package | libxml2 |
|---|---|
| Version | 2.9.1+dfsg1-5+deb8u12 |
| Related CVEs | CVE-2022-23308 |
One vulnerability has been discovered in the libxml2: GNOME XML library.
CVE-2022-23308
the application that validates XML using xmlTextReaderRead() with XML_PARSE_DTDATTR
and XML_PARSE_DTDVALID enabled becomes vulnerable to this use-after-free bug.
This issue can result in denial of service.
For Debian 8 jessie, these problems have been fixed in version 2.9.1+dfsg1-5+deb8u12.
We recommend that you upgrade your libxml2 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.